Export (0) Print
Expand All
Information
The topic you requested is included in another documentation set. For convenience, it's displayed below. Choose Switch to see the topic in its original location.

Authenticating an LDAP Client

Windows Mobile 6.5
A version of this page is also available for
4/8/2010

The bind operation identifies the person (or device or application) that is trying to connect to the server by providing a distinguished name and some type of authentication credential, such as a password. The exact credentials depend on the authentication method being used. You can also bind anonymously by passing NULL parameters.

The ldap_simple_bind functions use a clear text password for authentication. Call the ldap_bind or ldap_bind_s function to use authentication services, such as the Windows NT® LAN Manager (NTLM), distributed password authentication, or the Generic Security Services API. Note that ldap_bind is not supported for Negotiate.

The following code example shows how to bind to a server using NTLM.

#include <windows.h>
#include <winldap.h>
#include <winber.h>
#include <tchar.h>

LPTSTR szServer[64], szUserName[32], szPassword[32], szDomain[64], szOutput[128];
WORD wPort;
ULONG ulAuthMethod, ulLdapError;
LDAP *ld;
SEC_WINNT_AUTH_IDENTITY AuthId;

_tcscpy( szServer, TEXT("dc.microsoft.com") );
wPort = LDAP_PORT;

_tcscpy( szUserName, TEXT("Admin") );
_tcscpy( szPassword, TEXT("Password") );
_tcscpy( szDomain, TEXT("MICROSOFT") );

ulAuthMethod = LDAP_AUTH_NTLM;

// ...

// Set up AuthId for NTLM authentication
AuthId.User = _tcslen(szUserName) ? szUserName : NULL;
AuthId.UserLength = _tcslen(szUserName);
AuthId.Domain = _tcslen(szDomain) ? szDomain : NULL;
AuthId.DomainLength = _tcslen(szDomain);
AuthId.Password = _tcslen(szPassword) ? szPassword : NULL;
AuthId.PasswordLength = _tcslen(szPassword);
#ifdef UNICODE
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
#else
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
#endif

ld = ldap_init( szServer, wPort );
if( ld == NULL )
{
   wsprintf (szOutput, TEXT("ldap_init() failed. Error: %u"), LdapGetLastError());
   MessageBox (NULL, szOutput, TEXT("Error"), MB_OK);
   return FALSE;
}

// use v3 Client
ULONG version = LDAP_VERSION3;
ulLdapError = ldap_set_option( ld, LDAP_OPT_VERSION, &version );
if( ulLdapError != LDAP_SUCCESS )
{
   wsprintf (szOutput, TEXT("ldap_set_option() failed. Error: %u"), ulLdapError);
   MessageBox (NULL, szOutput, TEXT("Error"), MB_OK);
   ldap_unbind( ld );
   return FALSE;
}

ulLdapError = ldap_bind_s( 
ld, 
(ulAuthMethod == LDAP_AUTH_SIMPLE) ? AuthId.User : NULL,
(ulAuthMethod == LDAP_AUTH_SIMPLE) ? AuthId.Password : (TCHAR *) &AuthId, 
ulAuthMethod );

if( ulLdapError != LDAP_SUCCESS )
{
   wsprintf (szOutput, TEXT("ldap_bind_s() failed. Error: %u"), ulLdapError);
   MessageBox (NULL, szOutput, TEXT("Error"), MB_OK);
   ldap_unbind( ld );
   return FALSE;
}

// Successfully bound to the server!

// Request information from the directory and/or modify it...

ldap_unbind( ld );
return TRUE; 

Community Additions

Show:
© 2015 Microsoft