Directory Services

ldap_set_option

The ldap_set_option function sets options on connection blocks. For more information about structures, see Data Structures.

ULONG ldap_set_option(
  LDAP* ld,
  int option,
  void* invalue
);

Parameters

ld
[in] The session handle.
option
[in] The name of the option set.
invalue
[in] A pointer to the value that the option is to be given. The actual type of this parameter depends on the setting of the option parameter. The constants LDAP_OPT_ON and LDAP_OPT_OFF can be given for options that have on or off settings.

Return Values

If the function succeeds, the return value is LDAP_SUCCESS.

If the function fails, it returns an error code. For more information, see Return Values.

Remarks

Call ldap_set_option to access the LDAP structure that represents an LDAP session. Do not attempt to modify the LDAP data structure directly.

For more information and a description of optional settings that apply to an LDAP session, see Session Options. For more information about flags, see DsGetDcName.

It is now possible to digitally sign or encrypt all of your LDAP traffic to and from a Windows 2000 LDAP server using the Kerberos authentication protocol. This new feature provides integrity and confidentiality required by some applications. Be aware that using Secure Sockets Layer (SSL) will give you the same benefits, but requires extensive certificate enrollments for the server and, sometimes, for the client.

To enable signing and sealing, you have to turn on one of the following options prior to calling ldap_bind_s with LDAP_AUTH_NEGOTIATE for the bind method.

#define LDAP_OPT_SIGN	0x95
#define LDAP_OPT_ENCRYPT   0x96

To turn off signing and sealing, close the connection by calling ldap_unbind() on the connection handle.

Multithreading: Calls to ldap_set_option are unsafe because it affects the connection as a whole. Use caution if threads share connections.

Requirements

Client: Included in Windows XP and Windows 2000 Professional.
Server: Included in Windows Server 2003 and Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension on Windows NT 4.0 SP6a and Windows 95/98/Me.
Header: Declared in Winldap.h.
Library: Use Wldap32.lib.

See Also

DsGetDcName, Functions, LDAP, ldap_get_option, Return Values, Setting Session Options