[Date Prev][Date Next] [Chronological] [Thread] [Top]

simple bind vs "who am i"



Hi,

Because I have to use the Microsoft LDAP api (winldap.h) to do requests on an OpenLDAP server, I encounter a situation where I have to ensure that I am authenticated (it's due to a ms bug that makes the connection autoreconnect when it has been broken, but _without_ doing a bind again, so you get anonymous instead of your previous authenticated state).

I have several solutions :
- doing a bind before each operation
- performing a "who am i" extended operation before each operation
- performing an ldap operation on the directory that can only (because of access rights rules) be performed while authenticated, before each operation


In your opinion, which is the less expensive in server ressources with the OpenLDAP' slapd?

Additional question : are the extended operations dependent on the client api ? And if yes, does anymone know (I am a bit OT here) if the ms ldap api supports it ?

Thank you very much

François