Order of calling ldap_bind_s() and ldap_start_tls_s()
I wonder how a generic LDAP client should behave when connecting to
an unknown LDAP server with unknown version/features/extensions and
Start TLS should be used if available.
At the moment I'm trying to do an LDAPv3 bind and switch back to
LDAPv2 if the server returns LDAP_UNSUPPORTED_VERSION. However the
error is only returned after doing an ldap_bind_s().
Now I would like to know if it's appropriate to try an LDAPv3 bind,
read the root DSE and use ldap_start_tls_s() afterwards if the server
announces Start TLS (1.3.6.1.4.1.1466.20037) in attribute
supportedExtension of its root DSE.
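
The decision the post describes, written out as an added example (not code from the original post or from any LDAP library). `choose_plan`, `enum plan` and the `require_tls` policy flag are hypothetical names; the sketch assumes the LDAPv3 probe carries no credentials and the credentialed ldap_bind_s() happens only after ldap_start_tls_s() succeeds.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define STARTTLS_OID "1.3.6.1.4.1.1466.20037" /* Start TLS extended operation */

enum plan {
    PLAN_STARTTLS_THEN_BIND, /* ldap_start_tls_s() first, then ldap_bind_s() */
    PLAN_V3_BIND_CLEARTEXT,  /* LDAPv3, no Start TLS announced, plaintext allowed */
    PLAN_V2_BIND_CLEARTEXT,  /* server rejected LDAPv3, plaintext allowed */
    PLAN_REFUSE              /* TLS required by the caller but not available */
};

/* values: NULL-terminated string array in the shape libldap's
 * ldap_get_values() returns, or NULL if the attribute was not returned. */
static int has_value(char **values, const char *want)
{
    if (values == NULL) return 0;
    for (size_t i = 0; values[i] != NULL; i++)
        if (strcmp(values[i], want) == 0) return 1;
    return 0;
}

/* v3_accepted: the server accepted protocol version 3 (extended operations,
 * and so Start TLS, exist only in LDAPv3).
 * require_tls: hypothetical policy flag. The root DSE is read before any
 * protection is in place, so a missing OID must not silently permit a
 * cleartext bind when the caller asked for TLS. */
enum plan choose_plan(int v3_accepted, char **supported_extension, int require_tls)
{
    if (v3_accepted && has_value(supported_extension, STARTTLS_OID))
        return PLAN_STARTTLS_THEN_BIND;
    if (require_tls) return PLAN_REFUSE;
    return v3_accepted ? PLAN_V3_BIND_CLEARTEXT : PLAN_V2_BIND_CLEARTEXT;
}

/* Constructed supportedExtension values (not taken from a real server). */
static char *SAMPLE_WITH_TLS[] = { "1.3.6.1.4.1.4203.1.11.1", STARTTLS_OID, NULL };
static char *SAMPLE_WITHOUT_TLS[] = { "1.3.6.1.4.1.4203.1.11.1", NULL };

int main(void)
{
    printf("announced, TLS required:     %d\n", choose_plan(1, SAMPLE_WITH_TLS, 1));
    printf("not announced, TLS required: %d\n", choose_plan(1, SAMPLE_WITHOUT_TLS, 1));
    return 0;
}
```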