Hello,
Shouldn't ldap_sals_bind fail if wrong credentials are given? Or am I checking the bind result in wrong way? I pass wrong password or username and still can't get BIND ERROR.
#include <stdio.h> #include <ldap.h> #include <stdlib.h>
#define HOST "x.x.x.x"
int main (int argc, char **argv) {
char *UID = argv[1]; char *PASSWD = argv[2];
char BASEDN[80]; strcpy(BASEDN, "eduPersonPrincipalName="); strcat(BASEDN, UID); strcat(BASEDN, "@ex.com,ou=People,ou=Users,dc=ex,dc=com");
LDAP *ld; char *ldapuri = NULL;
LDAPURLDesc url; memset( &url, 0, sizeof(url)); url.lud_scheme = "ldap"; url.lud_host = HOST; url.lud_port = LDAP_PORT; url.lud_scope = LDAP_SCOPE_DEFAULT; ldapuri = ldap_url_desc2str( &url );
int rc, msgid, version = LDAP_VERSION3;
struct berval passwd = {0, NULL}; passwd.bv_val = PASSWD; passwd.bv_len = strlen(PASSWD);
LDAPControl c; LDAPControl **sctrlsp = NULL; LDAPControl *sctrls[3]; LDAPControl sctrl[3]; int nsctrls = 0;
c.ldctl_oid = LDAP_CONTROL_PASSWORDPOLICYREQUEST; c.ldctl_value.bv_val = NULL; c.ldctl_value.bv_len = 0; c.ldctl_iscritical = 1; sctrl[nsctrls] = c; sctrls[nsctrls] = &sctrl[nsctrls]; sctrls[++nsctrls] = NULL; sctrlsp = sctrls;
if((rc = ldap_initialize(&ld, ldapuri)) != LDAP_SUCCESS) { printf("LDAP_INIT Error\n"); return 1; }
ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); ldap_set_option(ld, LDAP_OPT_REFERRALS, 0); ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, sctrlsp);
if((rc = ldap_sasl_bind(ld, BASEDN, LDAP_SASL_SIMPLE, &passwd, NULL, NULL, &msgid)) != LDAP_SUCCESS) { printf("BIND ERROR\n"); return 1; }
return 0;
}
Regards, Andrius
openldap-technical@openldap.org