Important: |
---|
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
This function is a synchronous function that authenticates a client to the LDAP server.
Syntax
ULONG ldap_bind_s( LDAP* ld, UNICODE PTCHAR dn, UNICODE PTCHAR cred, ULONG method ); |
Parameters
- ld
-
[in] Session handle.
- dn
-
[in] Distinguished name of the entry used to bind.
- cred
-
[in] Credentials with which to authenticate. Arbitrary credentials can be passed using this parameter. The format and content of the credentials depend on the setting of the mechanism parameter. See the Remarkssection for more information.
- method
-
[in] Indicates the authentication method to use. See the Remarkssection for a listing of valid synchronous authentication methods. See the ldap_bindfunction for a description of the valid asynchronous authentication method.
Return Value
If this function succeeds, the return value is LDAP_SUCCESS.
If this function fails, it returns an error code. See the LDAP_RETCODEenumeration for a list of possible return values.
Remarks
The following table shows the authentication methods supported in the implementation of this function.
Authentication method | Description | Credential |
---|---|---|
LDAP_AUTH_NTLM |
Microsoft Windows NT LAN Manager |
Set the dnparameter to NULL and pass in a pointer to a SEC_WINNT_AUTH_IDENTITYstructure using the credparameter. |
LDAP_AUTH_NEGOTIATE |
Generic security services (GSS) (Snego). Does not provide any authentication services. Instead GSS chooses the most appropriate authentication method from a list of available services and passes all authentication information on to that service. |
To log in as the current user, set the dnand credparameters to NULL. To log in as another user, pass a pointer to a SEC_WINNT_AUTH_IDENTITYstructure with the appropriate user name and password. |
For asynchronous bind authentication, use ldap_bind.
The bind operation identifies a client to the directory server by providing a distinguished name and some type of authentication credential, such as a password. The exact credentials are dependent on the authentication method being used.
In a multithreading environment, bind calls are not safe because they apply to the connection as a whole. Use caution if threads share connections and try to thread the bind operations with other operations.
The following code example shows how to identify a client to the directory server by using the bind operation.
Copy Code | |
---|---|
#include <windows.h> #include <winldap.h> #include <tchar.h> LDAP *ld; SEC_WINNT_AUTH_IDENTITY AuthId; ULONG AuthMethod; TCHAR szDomain[128] = _T("sample.domain.com"); TCHAR szUserName[128] = _T("admin"); TCHAR szPassword[128] = _T("adminpass"); // Set up AuthId for NTLM authentication AuthId.User = _tcslen(szUserName) ? szUserName : NULL; AuthId.UserLength = _tcslen(szUserName); AuthId.Domain = _tcslen(szDomain) ? szDomain : NULL; AuthId.DomainLength = _tcslen(szDomain); AuthId.Password = _tcslen(szPassword) ? szPassword : NULL; AuthId.PasswordLength = _tcslen(szPassword); #ifdef UNICODE AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE; #else AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI; #endif AuthMethod = LDAP_AUTH_NTLM; if( (ld = ldap_init( _T("server.sample.domain.com"), 389 )) == NULL ) { // Error } ldap_bind_s( ld, NULL, (TCHAR *) &AuthId, AuthMethod ); |
Requirements
Header | winldap.h |
Library | wldap32.lib |
Windows Embedded CE | Windows CE .NET 4.0 and later |
Windows Mobile | Windows Mobile Version 5.0 and later |