Effective with Windows® 2000, the LDAP run time supports the
following features not available in Windows NT® 4.0 or Windows
Client certificate support for SSL connections
Explicit kerberos authentication: This provides users the
ability to explicitly select any authentication package and thus
avoid having the Simple Protected Negotiation (SPNEGO) package
choose one for them.
Parallel connect for performance improvement: This improves
connect times to domain controllers (DCs), especially when some DCs
Multithreaded error handling in LDAP: This provides users
access to the custom error messages sent out by the server on a
Secure Sockets Layer (SSL) strength testing: this provides
users the ability to obtain all interesting parameters of an SSL
Service Principle Names for directory authentication: This
provides connection to the intended domain controller irrespective
of bad records in DNS.
Handler for disconnect notification: This recognizes a special
message sent asynchronously from the server and changes the
connection state accordingly.