LDAP Connection Options

Using the mldap_logon[_ex] function, you control the way you login to the LDAP server.

When specifying the URL of the LDAP server, you specify how to connect and with what credentials.

When specifying the server's URL, use the following format:

ldap[s][username:[password]@][server[:port]]

The following table shows several examples of connections to LDAP servers.

Syntax
Description
ldap://a:b@server.com:389
Connects to the server (to 389 port) and then binds with username "a" , password "b"
ldap://:@server.com
Connects to server (to default unsecured port 389) then binds anonymously with a NULL username and password
ldaps://a:@server.com
Connects to server (to default secured port 636) and then binds with username "a", password ""
ldap://@server.com, ldap://server.com
Connects to server without binding
ldap://a:b@
Binds with username "a", password "b, executing a bind on the existing session without reconnecting
ldap://:@
Binds anonymously with a NULL username and password (executes bind on existing session without reconnecting)

You can also specify LDAP modes or SSL certificates using the following optional arguments:

  • Mode. The LDAP call mode: Sync or Async

  • Timeout. The maximum time in seconds to search for the LDAP server

  • Version. The version of the LDAP protocol version 1,2, or 3

  • SSLCertDir. The path to the SSL certificates database file (cert8.db)

  • SSLKeysDir. The path to the SSL keys database file (key3.db)

  • SSLKeyNickname. The SSL key nickname in the keys database file

  • SSLKeyCertNickname. The SSL key's certificate nickname in the certificates database file

  • SSLSecModule. The path to the SSL security module file (secmod.db)

  • StartTLS. Requires that the StartTLS extension's specific command must be issued in order to switch the connection to TLS (SSL) mode

For detailed information about these arguments, see the Function Reference.

Back to top