I am very new to LDAP programming, so bear with me if my query is naive.
I am trying to write a program using the OpenLDAP SDK. The program should take an LDAP servername/port, a CN & a password. The program should then report if the CN/password combination is correct or incorrect.
This is how I am trying to do this. [error checks removed to keep it simple]
LDAP *pldap;
ldap_initialize(&pldap, "ldap://myhost:389");
int desired_version = LDAP_VERSION3;
ldap_set_option(pldap, LDAP_OPT_PROTOCOL_VERSION, &desired_version);
int ret = ldap_bind_s(pldap, "uid=Jack,ou=People,dc=vss,dc=veritas,dc=com", "jack123", LDAP_AUTH_SIMPLE);
if (ret == LDAP_SUCCESS) puts("VERIFIED"); else puts("FAILURE");
This works fine for Jack/jack123.
I have another user in the directory, John, who has a null/empty password.
I tried both:
ldap_bind_s(pldap, "uid=John,ou=People,dc=vss,dc=veritas,dc=com", NULL, LDAP_AUTH_SIMPLE);
ldap_bind_s(pldap, "uid=John,ou=People,dc=vss,dc=veritas,dc=com", "", LDAP_AUTH_SIMPLE);
In both cases ldap_bind_s returns 53, which I think means LDAP UNWILLING TO PERFORM.
I know the server allows null passwords.
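
Added example, not part of the original post: under RFC 4513 section 5.1.2 a simple bind with a DN and an empty password is an "unauthenticated bind", which servers are advised to refuse with unwillingToPerform (53) and which proves nothing about the user even where a server accepts it, so a credential checker should refuse empty passwords before binding. The bind is passed in as a hypothetical callback (in a real program it would wrap the OpenLDAP bind call); `fake_server_bind` and the `dc=example,dc=com` DNs are constructed stand-ins so the code runs without a directory.

```c
#include <stdio.h>
#include <string.h>

/* LDAP result codes (RFC 4511); 53 is the code reported in the post above. */
enum { RC_SUCCESS = 0, RC_INVALID_CREDENTIALS = 49, RC_UNWILLING_TO_PERFORM = 53 };

typedef enum { CRED_VERIFIED, CRED_REJECTED, CRED_NOT_CHECKED } cred_status;

/* Hypothetical callback: performs one simple bind and returns the LDAP result code.
 * In a real program it would wrap ldap_sasl_bind_s() with LDAP_SASL_SIMPLE. */
typedef int (*simple_bind_fn)(const char *dn, const char *password);

/* RFC 4513 5.1.2: non-empty DN + empty password is an unauthenticated bind.
 * The server does not check any password for it. */
static int is_unauthenticated_bind(const char *dn, const char *password)
{
    return dn != NULL && dn[0] != '\0' && (password == NULL || password[0] == '\0');
}

cred_status verify_credentials(simple_bind_fn do_bind, const char *dn, const char *password)
{
    if (dn == NULL || dn[0] == '\0')
        return CRED_NOT_CHECKED;   /* anonymous bind: no identity to verify */
    if (is_unauthenticated_bind(dn, password))
        return CRED_NOT_CHECKED;   /* a success here would not mean "password correct" */
    return do_bind(dn, password) == RC_SUCCESS ? CRED_VERIFIED : CRED_REJECTED;
}

/* Constructed stand-in for a server that accepts unauthenticated binds:
 * any DN with an empty password gets RC_SUCCESS. */
int fake_server_bind(const char *dn, const char *password)
{
    if (password == NULL || password[0] == '\0')
        return RC_SUCCESS;
    if (strcmp(dn, "uid=Jack,ou=People,dc=example,dc=com") == 0 &&
        strcmp(password, "jack123") == 0)
        return RC_SUCCESS;
    return RC_INVALID_CREDENTIALS;
}

int main(void)
{
    const char *john = "uid=John,ou=People,dc=example,dc=com";
    printf("raw bind, empty password: %d\n", fake_server_bind(john, ""));
    printf("verify_credentials:       %d\n", verify_credentials(fake_server_bind, john, ""));
    return 0;
}
```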