I'm an openldap beginner and I've been experimenting with some simple openldap
examples. Essentially, I had some sample code that tried to initiate an asynchronous bind
to a slapd. My program made calls to the library using the following functions in this
ldap_sasl_bind(..., LDAP_SASL_SIMPLE, ...);
// check ldap_result return code == -1 and result pointer != NULL
// check ldap_parse_sasl_bind_result return code
The code appears to work with a correct DN and password. But strangely enough I didn't
get any errors either when I supplied an incorrect password. When I inspect the packet
traffic between the client and the slapd, the slapd responds as expected to the two binds
(invalid credentials -> incorrect password) and (success -> correct password).
I spent hours debugging to no avail and then finally decided to try out ldapwhoami which
catches the invalid credentials... Looking at the source code for ldapwhoami revealed that
ldapwhoami uses ldap_parse_result when binding with ldap_sasl_bind(LDAP_SASL_SIMPLE). This
practice wasn't immediately obvious to me.
1. Does ldap_parse_sasl_bind_result work for processing responses to
2. If the answer to (1.) is in fact no, wouldn't it be more intuitive to get
ldap_parse_sasl_bind_result to also handle the LDAP_SASL_SIMPLE case?
3. Is there a simple way to determine whether or not a response received in ldap_result is
a bind response to LDAP_SASL_SIMPLE or do I have to store my bind request type and
correlate this using the message id when the response returns?
Reinvent how you stay in touch with the new Windows Live Messenger.