ldap_set_option for LDAP_OPT_REFERRALS return LDAP_PARAM_ERROR on windows 2000

Tech-Archive recommends: Speed Up your PC by fixing your registry

Hello,

I have a problem using Microsoft LDAP API, I have attached an example
program that works fine on windows 2003 but fails on windows 2000
server SP4.

The program fails (with code 0x59 - LDAP_PARAM_ERROR) in the
ldap_set_option call when i am trying to set the LDAP_OPT_REFERRALS to
LDAP_OPT_OFF, the example program is:



#include <stdio.h>

#include <windows.h>
#include <winldap.h>

int main(int argc, char** argv)
{
LDAP* ld = NULL;
INT iRtn = 0;
INT connectSuccess = 0;
PCHAR pHost = NULL;
ULONG version = LDAP_VERSION3;
ULONG uOpt;
//SecPkgContext_ConnectionInfo sslInfo;
LONG lv = 0;

// Verify that the user passed a hostname.
if (argc > 1)
{
pHost = argv[1];
printf("\nConnecting to host \"%s\" ...\n",pHost);
}
// If not, perform a 'serverless' bind.
else
{
pHost = NULL;
printf("\nConnecting to DEFAULT LDAP host ...\n");
}

// Create an LDAP session.
ld = ldap_sslinit(pHost,LDAP_PORT,0);
if (ld == NULL)
{
printf( "ldap_sslinit failed with 0x%x.\n",GetLastError());
return -1;
}

// Specify version 3; the default is version 2.
printf("Setting Protocol version to 3.\n");
iRtn = ldap_set_option(ld,
LDAP_OPT_PROTOCOL_VERSION,
(void*)&version);
if (iRtn != LDAP_SUCCESS)
goto FatalExit;

// Specify version 3; the default is version 2.
printf("Setting Ref\n");
//uOpt = LDAP_OPT_OFF
iRtn = ldap_set_option(ld,
LDAP_OPT_REFERRALS,
LDAP_OPT_OFF);
if (iRtn != LDAP_SUCCESS)
goto FatalExit;

// Bind with current credentials.
printf("Binding ...\n");
iRtn =
ldap_bind_s(ld,"cn=administrator,cn=users,dc=infradc,dc=com","Local",LDAP_AUTH_SIMPLE);
if (iRtn != LDAP_SUCCESS)
goto FatalExit;


goto NormalExit;

// Cleanup.
NormalExit:
if (ld != NULL)
ldap_unbind_s(ld);
return 0;

// Cleanup after an error.
FatalExit:
if( ld != NULL )
ldap_unbind_s(ld);
printf( "\n\nERROR: 0x%x\n", iRtn);
return iRtn;
}



If instead of using the LDAP_OPT_OFF as parameter to the function
(which is correct according to the documentation) I will set a local
variable (uOpt) to that value and use it as input to the function it
will work on windows 2000 & windows 2003.

Is this a bug in windows API / Documentation? Or maybe I am doing
something wrong?
What is the recommended way to do this?

Thanks,
Hagai.

.

Relevant Pages

  • Re: Avoid using DNS for hostname name resolution in ldap_bind_s
    ... Try to add the following record in your hosts as an alias of your A ... How ping resolves the server name is how LDAP resolvs it. ... INT iRtn = 0; ... goto FatalExit; ...
    (microsoft.public.windows.server.active_directory)
  • Re: Authenticating LDAP connection with current windows users credentials?
    ... setup and theory behind an ldap ... The Kerberos only works with ADS right now but that is sufficient for your situation. ... when the user has logged in interactively and therefore has a valid Kerberos ticket cached in Windows logon credential cache. ... CallbackHandler callbackHandler = new KerbCallback; ...
    (comp.lang.java.programmer)
  • can not log into a windows machine connected to a domain managed by samba/ldap
    ... by samba to create the entry in ldap when a machine joins the domain ... I have changed "smb.conf" so it calls a personal script instead of ... Once the this problem has been solved, I could not log into the windows ...
    (Debian-User)
  • Re: Exchange nur für Kalender, IMAP & Adress-Buch extern - geht das?
    ... Userdaten & Passwörter von einem plain LDAP Server zu holen. ... Hinweise immer interessieren :-) Was ich habe an Doku ist die Windows ... Adrian Gschwend ...
    (microsoft.public.de.exchange)
  • Re: LDAP Queries never work
    ... Doing that pulls up the Windows Address Book which is generally not considered an LDAP browser, if you have properly configured the application it can work but it rarely is ever configured.... ... Joe Richards Microsoft MVP Windows Server Directory Services ... We setup our AD network a few years ago wtih four domain controllers and four sites. ...
    (microsoft.public.win2000.active_directory)