LDAP Security Model

LDAP 3.0 supports various security mechanisms for authenticating to an LDAP server. Windows CE supports the following security methods that can be used for authentication: Cleartext passwords, and Windows NT® LAN Manager (NTLM) and Negotiate. The Negotiate security package selects between Kerberos and NTLM. The Negotiate security package selects Kerberos unless it cannot be used by one of the systems involved in the authentication.

The bind operation identifies the person (or device or application) that is trying to connect to the server by providing a distinguished name and some type of authentication credential, such as a password. The exact credentials depend on the authentication method being used. The ldap_simple_bind functions use a cleartext password for authentication. Call the ldap_bind or ldap_bind_s function to use authentication services, such as NTLM. Note that ldap_bind is not supported for Negotiate.

See Also

LDAP Client

 Last updated on Friday, April 09, 2004

© 1992-2003 Microsoft Corporation. All rights reserved.