[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: getting passwordpolicy from ldap_sasl_bind

To: Kenneth Rogers <kenneth.rogers@gmail.com>
Subject: Re: getting passwordpolicy from ldap_sasl_bind
From: Pierangelo Masarati <ando@sys-net.it>
Date: Wed, 13 Feb 2008 07:04:58 +0100
Cc: openldap-software@openldap.org
In-reply-to: <2b53a99c0802121303s26af28b8v91e28c70d6f4c4c9@mail.gmail.com>
References: <2b53a99c0802121303s26af28b8v91e28c70d6f4c4c9@mail.gmail.com>
User-agent: Mail/News 1.5.0.8 (X11/20061210)

Kenneth Rogers wrote:
> Hi,
> 
> I've been asked to have our client report back if a password is
> expired, and it looks like using the ldap_passwordpolicy_* functions
> are the way to do it, but the example (clients/tools/common.c) in the
> code level we're using (2.3.24) is still using ldap_bind, and getting
> the ctrls from ldap_parse_result.  Our code is using ldap_sasl_bind
> because ldap_bind is deprecated, Will I need to use the serverctrlsp
> pointer passed into ldap_sasl_bind to get the password policy?

No, ldap_sasl_bind() only receives controls as input parameters.  You
need to pass ldap_sasl_bind() the __request__ for the password policy
control.  You'll get the control response by parsing the result, namely
by ldap_parse_result(), as usual.  This is exemplified in OpenLDAP 2.4's
common.c, where all references to deprecated functions have been
removed.  I recommend you upgrade to at least 2.3.39 anyway, and 2.4 is
a valid choice as well.

p.

Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------

References:
- getting passwordpolicy from ldap_sasl_bind
  - From: "Kenneth Rogers" <kenneth.rogers@gmail.com>

Prev by Date: Re: [JunkMail] Re: Any problems with X.509v3 Extensions?
Next by Date: Re: OpenLDAP Servers and Availability
Index(es):
- Chronological
- Thread