H
Hung Q Le
Hi,
I am having problem connecting to AD and Openldap servers using the
ldap_sals_bind_s function. I'd to be able to connect to any ldap servers by
the GSSAPI mechanism providing Kerberos configuration is in place.
I keep getting error code 89 which is LDAP_PARAM_ERROR.
Are there any examples available? I came across a post from last year by
James Beluga but the final solution wasn't posted. My problem is almost
exactly his.
Regards,
Harry
All messages from thread
Message 1 in thread
From: James Beluga ([email protected])
Subject: LDAP SASL bind problem.
View this article only
Newsgroups: microsoft.public.win2000.active_directory
Date: 2002-11-19 06:28:22 PST
Good evening. Could anybody help me with my problem? I am using
microsoft LDAP client within WinXP SP1. I'm trying to make SASL bind
to OpenLDAP server v2.1 using DIGEST-MD5 SASL mechanism with
ldap_sasl_bind and ldap_sasl_bind_s functions. The functions return
LDAP_SUCESS or LDAP_SERVER_DOWN depends on parameters I've feed them.
But it seems no request is sending to the LDAP server. And the same
result when I try to use other SASL mechanism or even anonymouse bind.
But since I use ldap_simple_bind, ldap_simple_bind_s everything is ok
and I see my requests on a log console of my OpenLDAP server. What am
I doing wrong? Should I set some connection options befor making SASL
bind. Or call some functions for extra initialization?... I found
nothing related to subject on the internet. So, will be extremely
greatful for code examples of SASL bind with microsoft client API.
James.Message 2 in thread
From: Jason Robarts [MS] ([email protected])
Subject: Re: LDAP SASL bind problem.
View this article only
Newsgroups: microsoft.public.win2000.active_directory
Date: 2002-11-19 13:52:28 PST
If this message appears twice, please excuse.
Have you used Netmon to verify you aren't sending anything to the server?
Are you providing the SASL cred yourself when using these functions?
Windows will construct the cred if you use ldap_bind_s() but not
ldap_sasl_bind*. If you use LDAP_AUTH_DIGEST using the ldap_bind_s() you
will send a Digest bind on Win XP.
I'd recommend using ldap_init and ldap_connect to get a connection to the
server. This allows you to set options before attempting the connect and
you'll see if you get a connection to the server. Then you can use a bind
function. It just makes the bind call a true bind call as if you don't
specify a ldap_connect it needs to connect behind the scenes.
I am having problem connecting to AD and Openldap servers using the
ldap_sals_bind_s function. I'd to be able to connect to any ldap servers by
the GSSAPI mechanism providing Kerberos configuration is in place.
I keep getting error code 89 which is LDAP_PARAM_ERROR.
Are there any examples available? I came across a post from last year by
James Beluga but the final solution wasn't posted. My problem is almost
exactly his.
Regards,
Harry
All messages from thread
Message 1 in thread
From: James Beluga ([email protected])
Subject: LDAP SASL bind problem.
View this article only
Newsgroups: microsoft.public.win2000.active_directory
Date: 2002-11-19 06:28:22 PST
Good evening. Could anybody help me with my problem? I am using
microsoft LDAP client within WinXP SP1. I'm trying to make SASL bind
to OpenLDAP server v2.1 using DIGEST-MD5 SASL mechanism with
ldap_sasl_bind and ldap_sasl_bind_s functions. The functions return
LDAP_SUCESS or LDAP_SERVER_DOWN depends on parameters I've feed them.
But it seems no request is sending to the LDAP server. And the same
result when I try to use other SASL mechanism or even anonymouse bind.
But since I use ldap_simple_bind, ldap_simple_bind_s everything is ok
and I see my requests on a log console of my OpenLDAP server. What am
I doing wrong? Should I set some connection options befor making SASL
bind. Or call some functions for extra initialization?... I found
nothing related to subject on the internet. So, will be extremely
greatful for code examples of SASL bind with microsoft client API.
James.Message 2 in thread
From: Jason Robarts [MS] ([email protected])
Subject: Re: LDAP SASL bind problem.
View this article only
Newsgroups: microsoft.public.win2000.active_directory
Date: 2002-11-19 13:52:28 PST
If this message appears twice, please excuse.
Have you used Netmon to verify you aren't sending anything to the server?
Are you providing the SASL cred yourself when using these functions?
Windows will construct the cred if you use ldap_bind_s() but not
ldap_sasl_bind*. If you use LDAP_AUTH_DIGEST using the ldap_bind_s() you
will send a Digest bind on Win XP.
I'd recommend using ldap_init and ldap_connect to get a connection to the
server. This allows you to set options before attempting the connect and
you'll see if you get a connection to the server. Then you can use a bind
function. It just makes the bind call a true bind call as if you don't
specify a ldap_connect it needs to connect behind the scenes.