[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap_simple_bind_s (null) vs "" for password

 I have a question relating to ldap_simple_bind_s. This issue comes up
when I try with an 2003 Active Directory, but I am using OpenLDAP API to
talk to this server.

 a brief sequence of steps:

 1) ldap_simple_bind_s (correct dn, correct password)
 2) ...
 3) ldap_simple_bind_s (correct dn, "") *
 4) ldap_simple_bind_s (correct dn, incorrect password) **
 5) ldap_simple_bind_s (correct dn, 0) ***
 6) ...
 7) ldap_unbind_s

3) * - succeeds!!
4) ** - fails as expected.
5) *** - succeeds!!

I tried the same with slapd, but as expected 3,4,5 fail.

I am confused as to why 3 succeeds, sladp doesnt allow (dn with no
password), maybe Ad2003 allows this, but no password is (null) or 0 as in
5, but how does 3 succeed..?

with 3,5 if i try to do any other operation in 6 like ldap_search_s it
fails with the following message:
LdapErr: DSID-0C0905FF, comment: In order to perform this operation a
successful bind must be completed on the connection., data 0, vece

Any suggestions as to how i can correct this ?