Run-time Features for Microsoft Windows 2000

For computers running on Windows 2000 and later, the LDAP run time supports the following features:

  • Auto-reconnect.
  • Client certificate support for SSL connections (QUERYCLIENTCERT).
  • Explicit kerberos authentication: This provides users the ability to explicitly select any authentication package and thus avoid having the Simple Protected Negotiation (SPNEGO) package choose one for them.
  • Parallel connect for performance improvement: This improves connect times to domain controllers (DCs), especially when some DCs are non-operational.
  • Multithreaded error handling in LDAP: This provides users access to the custom error messages sent out by the server on a per-thread basis.
  • Secure Sockets Layer (SSL) strength testing: this provides users the ability to obtain all interesting parameters of an SSL connection.
  • Service Principle Names for directory authentication: This provides connection to the intended domain controller irrespective of bad records in DNS.
  • Handler for disconnect notification: This recognizes a special message sent asynchronously from the server and changes the connection state accordingly.