I am very new ldap programming, so bear with me if my query is naive.
I am trying to write a program using the OpenLDAP SDK.
The program should take an LDAP servername/port, a CN & a password.
The program should then report if the CN/password combination is correct
or incorrect.
This is how I am trying to do this.
[ error checks removed for making it simple]
LDAP *pldap;
ldap_initialize(&pldap, "ldap://myhost:389) ;
int desired_version = LDAP_VERSION3;
ldap_set_option(pldap, LDAP_OPT_PROTOCOL_VERSION, &desired_version);
int ret = ldap_bind_s(pldap,
"uid=Jack,ou=People,dc=vss,dc=veritas,dc=com", "jack123",
LDAP_AUTH_SIMPLE);
if(ret == LDAP_SUCCESS)
puts("VERIFIED");
else
puts("FAILURE");
This works fine for for Jack/jack123.
I have another user in the directory - John who has a null/empty password
I tried both
ldap_bind_s(pldap, "uid=John,ou=People,dc=vss,dc=veritas,dc=com",
NULL, LDAP_AUTH_SIMPLE);
ldap_bind_s(pldap, "uid=John,ou=People,dc=vss,dc=veritas,dc=com", "",
LDAP_AUTH_SIMPLE);
Both cases ldap_bind_s returns 53 - which I think means LDAP UNWILLING
TO PERFORM
I know the server allows null passwords.