Little update...i managed to get it to work :-)
It looks like it was the option "LDAP_OPT_X_TLS_ALLOW" i have to set. Unfortunately i did it on the wrong position in my code. Now this option is the first thing i do, even prior the initialization.
Nevertheless "LDAP_START_TLS_S" returns 3 errors: 1.unable to get local issuer certificate, 2. certificate not trusted, 3.unable to verify the first certificate. I think the 2nd and 3rd appear because the server uses a self signed certificate?
One question i still have on my mind. I am only able to compile my client by including the library "sasl2" although i am not using "ldap_sals_bind" or anything like that. Is it possible expel sasl from my program or do i have to use that library?

Regards Martin

DISCLAIMER: Privileged and/or Confidential information may be contained in this message. If you are not the addressee of this message, you may not copy, use or deliver this message to anyone. In such event, you should destroy the message and kindly notify the sender by reply e-mail. It is understood that opinions or conclusions that do not relate to the official business of the company are neither given nor endorsed by the company. Thank You.