Directory Services

ldap_sasl_bind

The ldap_sasl_bind is an asynchronous function that authenticates a client to the LDAP server using SASL.

ULONG ldap_sasl_bind(
  LDAP* ExternalHandle,
  const PCHAR DistName,
  const PCHAR AuthMechanism,
  const BERVAL* cred,
  PLDAPControlA* ServerCtrls,
  PLDAPControlA* ClientCtrls,
  int* MessageNumber
);

Parameters

ExternalHandle
[in] The session handle.
DistName
[in] The distinguished name of the entry used to bind.
AuthMechanism
[in] Indicates the authentication method to use.
cred
[in] The credentials to use for authentication. Arbitrary credentials can be passed using this parameter. The format and content of the credentials depend on the value of the AuthMechanism argument passed. For more information, see Remarks.
ServerCtrls
[in] A list of LDAP server controls.
ClientCtrls
[in] A list of LDAP client controls.
MessageNumber
[out] The message ID for the bind operation.

Return Values

If the function succeeds, the return value is LDAP_SUCCESS.

If the function fails, it returns an error code. For more information, see Return Values.

Remarks

The ldap_sasl_bind routine binds to an LDAP server using the Simple Authentication and Security Layer (SASL) protocol. The bind operation identifies a client to the directory server by providing a distinguished name and some type of authentication credentials. The authentication method being used determines the particular type of credential, and is specified by the AuthMechanism argument. This is passed as a string in the form of "GSSAPI", "GSS-SPNEGO", "DIGEST-MD5", and so on. This function can be used to pass arbitrary credentials to the server, so the application must be ready to interpret the response sent back from the server.

Note  The Microsoft LDAP client uses a default timeout value of 120 seconds (2 minutes) for each bind-response roundtrip. This timeout value can be changed using the LDAP_OPT_TIMELIMIT session option. Other operations do not have a timeout unless specified using ldap_set_option.

Requirements

Client: Included in Windows XP and Windows 2000 Professional.
Server: Included in Windows Server 2003 and Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension on Windows NT 4.0 SP6a and Windows 95/98/Me.
Unicode: Implemented as Unicode and ANSI versions on all platforms.
Header: Declared in Winldap.h.
Library: Use Wldap32.lib.

See Also

Functions, Return Values, ldap_sasl_bind_s, ldap_bind_s, ldap_bind, ldap_simple_bind_s, ldap_simple_bind, SEC_WINNT_AUTH_IDENTITY