Directory Services

Example Code for Establishing a Session Without Encryption

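This code example shows how to establish an unencrypted LDAP connection to an Active Directory server using LDAP version 3. Be aware that the user password is not transmitted over the network in plaintext, because the bind uses LDAP_AUTH_NEGOTIATE rather than a simple bind. The example does not request encryption, however, so the LDAP traffic exchanged over this session is not protected from eavesdropping.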

//--------------------------------------------------------
// Establish an LDAP session.
//--------------------------------------------------------

#include <windows.h>
#include <winldap.h>
#include <stdio.h>

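/*
 * Opens an LDAP v3 session to a fixed host on the default port, connects,
 * and binds with the credentials of the calling user.
 *
 * argc and argv are not used.
 *
 * Returns 0 when the bind succeeds and -1 when any step fails. The session
 * handle is released with ldap_unbind on both paths.
 */
int main(int argc, char* argv[])
{
	PCHAR hostName = "mycomputer.fabrikam.com";
	LDAP* pLdapConnection = NULL;
	ULONG version = LDAP_VERSION3;
	ULONG connectSuccess = 0;
	INT iRtn = 0;

	(void)argc;
	(void)argv;

	//----------------------------------------------------------
	// Initialize a session. LDAP_PORT is the default port, 389.
	//----------------------------------------------------------
	pLdapConnection = ldap_init(hostName, LDAP_PORT);

	if (pLdapConnection == NULL)
	{
		// ldap_init reports its failure reason through LdapGetLastError.
		printf("ldap_init failed with 0x%lx.\n",
			   (unsigned long)LdapGetLastError());
		goto error_exit;
	}
	else
		printf("ldap_init succeeded \n");


	//-------------------------------------------------------
	// Set the version to 3.0 (default is 2.0).
	//-------------------------------------------------------
	// iRtn is already declared at the top of the function; declaring it
	// again here would be a redefinition in the same scope.
	iRtn = ldap_set_option(pLdapConnection,
						   LDAP_OPT_PROTOCOL_VERSION,
						   (void*)&version);
	if (iRtn == LDAP_SUCCESS)
		printf("ldap_set_option succeeded – version set to 3\n");
	else
	{
		printf("SetOption Error:%0X\n", (unsigned int)iRtn);
		goto error_exit;
	}

	//--------------------------------------------------------
	// Connect to the server.
	//--------------------------------------------------------
	connectSuccess = ldap_connect(pLdapConnection, NULL);

	if (connectSuccess == LDAP_SUCCESS)
		printf("ldap_connect succeeded \n");
	else
	{
		printf("ldap_connect failed with 0x%lx.\n",
			   (unsigned long)connectSuccess);
		goto error_exit;
	}

	//----------------------------------------------------------
	// Bind with current credentials (login credentials). Be
	// aware that the password itself is never sent over the
	// network, and encryption is not used.
	//
	// NOTE(review): only the authentication exchange is protected
	// here. Requests and results that follow the bind travel
	// without confidentiality, and without integrity protection
	// unless signing is negotiated. When that matters, request
	// signing and sealing through ldap_set_option (LDAP_OPT_SIGN,
	// LDAP_OPT_ENCRYPT) before the bind, or use LDAP over TLS.
	// A server that requires LDAP signing may refuse this bind.
	//----------------------------------------------------------
	printf("Binding ...\n");

	iRtn = ldap_bind_s(pLdapConnection, NULL, NULL,
					   LDAP_AUTH_NEGOTIATE);
	if (iRtn == LDAP_SUCCESS)
		printf("The bind was successful");
	else
	{
		// Report the result code so a rejected bind is not silent.
		printf("ldap_bind_s failed with 0x%x.\n", (unsigned int)iRtn);
		goto error_exit;
	}

	//----------------------------------------------------------
	// Normal cleanup and exit.
	//----------------------------------------------------------
	ldap_unbind(pLdapConnection);

	return 0;

	//----------------------------------------------------------
	// On error cleanup and exit.
	//----------------------------------------------------------
error_exit:
	// The handle is still NULL when ldap_init itself failed.
	if (pLdapConnection != NULL)
		ldap_unbind(pLdapConnection);

	return -1;
}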