[Date Prev][Date Next] [Chronological] [Thread] [Top]

Order of calling ldap_bind_s() and ldap_start_tls_s()


I wonder how a generic LDAP client should behave when connecting to
an unknown LDAP server with unknown version/features/extensions and
Start TLS should be used if available.

At the moment I'm trying to do a LDAPv3 bind and switch back to
LDAPv2 if the server returns LDAP_UNSUPPORTED_VERSION. However the
error is only returned after doing a ldap_bind_s().

Now I would like to know if it's appropriate to try a LDAPv3 bind,
read the root DSE and use ldap_starttls_s() afterwards if the server
announces Start TLS ( in attribute
supportedExtension of its root DSE.

Ciao, Michael.