[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: getting passwordpolicy from ldap_sasl_bind

Kenneth Rogers wrote:
> Hi,
> I've been asked to have our client report back if a password is
> expired, and it looks like using the ldap_passwordpolicy_* functions
> are the way to do it, but the example (clients/tools/common.c) in the
> code level we're using (2.3.24) is still using ldap_bind, and getting
> the ctrls from ldap_parse_result.  Our code is using ldap_sasl_bind
> because ldap_bind is deprecated, Will I need to use the serverctrlsp
> pointer passed into ldap_sasl_bind to get the password policy?

No, ldap_sasl_bind() only receives controls as input parameters.  You
need to pass ldap_sasl_bind() the __request__ for the password policy
control.  You'll get the control response by parsing the result, namely
by ldap_parse_result(), as usual.  This is exemplified in OpenLDAP 2.4's
common.c, where all references to deprecated functions have been
removed.  I recommend you upgrade to at least 2.3.39 anyway, and 2.4 is
a valid choice as well.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it