Synchronously authenticates the specified client to the LDAP server using a distinguished name and password.
#include <ldap.h> int ldap_simple_bind_s ( LDAP *ld, const char *dn, const char *passwd);
(IN) Points to the handle for the LDAP session.
(IN) Points to the distinguished name of the entry who is authenticating. For an anonymous authentication, set this parameter to NULL.
(IN) Points to the client's password. For an anonymous authentication, set this parameter to NULL.
0x00 |
LDAP_SUCCESS |
Non-zero |
Failure. For a complete list, see |
0x54 |
LDAP_DECODING_ERROR |
0x59 |
LDAP_PARAM_ERROR |
0x5A |
LDAP_NO_MEMORY |
0x5C |
LDAP_NOT_SUPPORTED |
By default, eDirectory does not accept clear text passwords. Make sure that the parameter for encrypted passwords is set to allow unencrypted passwords.
An anonymous bind to an eDirectory directory allows clients to access whatever the [Public] user has been granted access to. By default, this is just enough to allow the user to find an eDirectory server, match a distinguished name, and authenticate.
The LDAP_OPT_NETWORK_TIMEOUT option (set by calling ldap_set_option) enables you to set a timeout for the initial connection to a server. If no timeout is set, timeout depends upon the underlying socket timeout setting of the operating system.
Using the connection timeout, you can also specify multiple hosts separated by spaces in a bind call, then use a timeout to determine how long your application will wait for an initial response before attempting a connection to the next host in the list.
Passing NULL for the ld parameter of ldap_set_option sets this timeout as the default connection timeout for subsequent session handles created with ldap_init or ldapssl_init. To clear the timeout pass NULL for the invalue parameter of ldap_set_option.
A connection timeout will cause an LDAP_SERVER_DOWN error (81) "Can't contact LDAP server".
For sample code, see bind.c.