Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
A version of this page is also available for
4/8/2010

This function is a synchronous function that authenticates a client to the LDAP server.

Syntax

ULONG ldap_bind_s(
  LDAP* 
ld,
  UNICODE PTCHAR 
dn,
  UNICODE PTCHAR 
cred,
  ULONG 
method
);

Parameters

ld

[in] Session handle.

dn

[in] Distinguished name of the entry used to bind.

cred

[in] Credentials with which to authenticate. Arbitrary credentials can be passed using this parameter. The format and content of the credentials depend on the setting of the mechanism parameter. See the Remarkssection for more information.

method

[in] Indicates the authentication method to use. See the Remarkssection for a listing of valid synchronous authentication methods. See the ldap_bindfunction for a description of the valid asynchronous authentication method.

Return Value

If this function succeeds, the return value is LDAP_SUCCESS.

If this function fails, it returns an error code. See the LDAP_RETCODEenumeration for a list of possible return values.

Remarks

The following table shows the authentication methods supported in the implementation of this function.

Authentication method Description Credential

LDAP_AUTH_NTLM

Microsoft Windows NT LAN Manager

Set the dnparameter to NULL and pass in a pointer to a SEC_WINNT_AUTH_IDENTITYstructure using the credparameter.

LDAP_AUTH_NEGOTIATE

Generic security services (GSS) (Snego). Does not provide any authentication services. Instead GSS chooses the most appropriate authentication method from a list of available services and passes all authentication information on to that service.

To log in as the current user, set the dnand credparameters to NULL. To log in as another user, pass a pointer to a SEC_WINNT_AUTH_IDENTITYstructure with the appropriate user name and password.

For asynchronous bind authentication, use ldap_bind.

The bind operation identifies a client to the directory server by providing a distinguished name and some type of authentication credential, such as a password. The exact credentials are dependent on the authentication method being used.

In a multithreading environment, bind calls are not safe because they apply to the connection as a whole. Use caution if threads share connections and try to thread the bind operations with other operations.

The following code example shows how to identify a client to the directory server by using the bind operation.

Copy Code
#include <windows.h>
#include <winldap.h>
#include <tchar.h>
LDAP *ld;
SEC_WINNT_AUTH_IDENTITY AuthId;
ULONG AuthMethod;
TCHAR szDomain[128] = _T("sample.domain.com");
TCHAR szUserName[128] = _T("admin");
TCHAR szPassword[128] = _T("adminpass");
// Set up AuthId for NTLM authentication
AuthId.User = _tcslen(szUserName) ? szUserName :  NULL;
AuthId.UserLength = _tcslen(szUserName);
AuthId.Domain = _tcslen(szDomain) ? szDomain :  NULL;
AuthId.DomainLength = _tcslen(szDomain);
AuthId.Password = _tcslen(szPassword) ? szPassword :  NULL;
AuthId.PasswordLength = _tcslen(szPassword);
#ifdef UNICODE
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
#else
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
#endif
AuthMethod = LDAP_AUTH_NTLM;
if( (ld = ldap_init( _T("server.sample.domain.com"), 389 )) == NULL
)
{
	// Error
}
ldap_bind_s( ld, NULL, (TCHAR *) &AuthId, AuthMethod );

Requirements

Header winldap.h
Library wldap32.lib
Windows Embedded CE Windows CE .NET 4.0 and later
Windows Mobile Windows Mobile Version 5.0 and later

See Also