Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bind requests are used to connect and to authenticate the user to an LDAP directory. The CA MUST perform bind requests as follows:
Invoke the "Setting an LDAP Option on an ADConnection" task ([MS-ADTS] section 7.6.1.2) once for each of the pairs of option and value parameters in the following table. For each of these, the TaskInputADConnection parameter is the ActiveDirectory_Connection.
TaskInputOptionName
TaskInputOptionValue
LDAP_OPT_GETDSNAME_FLAGS
Bitwise OR of the bits J and R, as defined by [MS-NRPC] section 3.5.4.3.1
LDAP_OPT_SIGN
TRUE
LDAP_OPT_REFFERALS
FALSE
Invoke the "Performing an LDAP Bind on an ADConnection" task (see [MS-ADTS] section 7.6.1.4) with the following parameters:
TaskInputADConnection: ActiveDirectory_Connection
If the TaskReturnStatus returned is not 0:
Repeat steps 1 and 2.
If the TaskReturnStatus returned is not 0, convert it to a 4-byte HRESULT value (errors are specified in [MS-ERREF] section 2.1) by performing the processing rules in section 3.2.2.1.7 with the following input parameters:
InputReturnStatus: TaskReturnStatus
InputResultMessage: NULL
Return the OutputHRESULT output parameter to the client and exit.