Freigeben über


ldap_bind_s

A version of this page is also available for

Windows Embedded CE 6.0 R3

4/8/2010

This function is a synchronous function that authenticates a client to the LDAP server.

Syntax

ULONG ldap_bind_s(
  LDAP* ld,
  UNICODE PTCHAR dn,
  UNICODE PTCHAR cred,
  ULONG method
);

Parameters

  • ld
    [in] Session handle.
  • dn
    [in] Distinguished name of the entry used to bind.
  • cred
    [in] Credentials with which to authenticate. Arbitrary credentials can be passed using this parameter. The format and content of the credentials depend on the setting of the mechanism parameter. See the Remarks section for more information.
  • method
    [in] Indicates the authentication method to use. See the Remarks section for a listing of valid synchronous authentication methods. See the ldap_bind function for a description of the valid asynchronous authentication method.

Return Value

If this function succeeds, the return value is LDAP_SUCCESS.

If this function fails, it returns an error code. See the LDAP_RETCODE enumeration for a list of possible return values.

Remarks

The following table shows the authentication methods supported in the implementation of this function.

Authentication method Description Credential

LDAP_AUTH_NTLM

Microsoft Windows NT LAN Manager

Set the dn parameter to NULL and pass in a pointer to a SEC_WINNT_AUTH_IDENTITY structure using the cred parameter.

LDAP_AUTH_NEGOTIATE

Generic security services (GSS) (Snego). Does not provide any authentication services. Instead GSS chooses the most appropriate authentication method from a list of available services and passes all authentication information on to that service.

To log in as the current user, set the dn and cred parameters to NULL. To log in as another user, pass a pointer to a SEC_WINNT_AUTH_IDENTITY structure with the appropriate user name and password.

For asynchronous bind authentication, use ldap_bind.

The bind operation identifies a client to the directory server by providing a distinguished name and some type of authentication credential, such as a password. The exact credentials are dependent on the authentication method being used.

In a multithreading environment, bind calls are not safe because they apply to the connection as a whole. Use caution if threads share connections and try to thread the bind operations with other operations.

The following code example shows how to identify a client to the directory server by using the bind operation.

#include <windows.h>
#include <winldap.h>
#include <tchar.h>
LDAP *ld;
SEC_WINNT_AUTH_IDENTITY AuthId;
ULONG AuthMethod;
TCHAR szDomain[128] = _T("sample.domain.com");
TCHAR szUserName[128] = _T("admin");
TCHAR szPassword[128] = _T("adminpass");
// Set up AuthId for NTLM authentication
AuthId.User = _tcslen(szUserName) ? szUserName :  NULL;
AuthId.UserLength = _tcslen(szUserName);
AuthId.Domain = _tcslen(szDomain) ? szDomain :  NULL;
AuthId.DomainLength = _tcslen(szDomain);
AuthId.Password = _tcslen(szPassword) ? szPassword :  NULL;
AuthId.PasswordLength = _tcslen(szPassword);
#ifdef UNICODE
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
#else
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
#endif
AuthMethod = LDAP_AUTH_NTLM;
if( (ld = ldap_init( _T("server.sample.domain.com"), 389 )) == NULL )
{
    // Error
}
ldap_bind_s( ld, NULL, (TCHAR *) &AuthId, AuthMethod );

Requirements

Header winldap.h
Library wldap32.lib
Windows Embedded CE Windows CE .NET 4.0 and later
Windows Mobile Windows Mobile Version 5.0 and later

See Also

Reference

ldap_bind
ldap_simple_bind_s