Re: ldap_bind() extended response for password policy

[Andrius Kulbis <andrius.kulbis@ktu.lt>]

2013-07-28 22:33, Philip Guenther raÅÄ:
> On Sun, 28 Jul 2013, Howard Chu wrote:
> > Andrius Kulbis wrote:
> > > I'm trying to pull the password policy response message from ldap_bind()
> > > method.
> ...
> > Use ldap_parse_result().
> Also, ldap_bind() has apparently been deprecated since at least OpenLDAP
> 2.0.15 in 2001.  Use ldap_sasl_bind() instead, passing LDAP_SASL_SIMPLE as
> the mechanism.
>
>
> Philip Guenther

#define LDAP_DEPRECATED 1
#include <stdio.h>
#include <ldap.h>
/* Specify the search criteria here. */

#define HOSTNAME "x.x.x.x"

#define PORTNUMBER 389

#define BASEDN "eduPersonPrincipalName=x@x,ou=People,ou=Users,dc=x,dc=x"

#define SCOPE LDAP_SCOPE_SUBTREE

#define FILTER "(uid=x)"


int main ()
{

LDAP *ld;
LDAPMessage *result, *e;
char *dn, *cert;
char **vals;
int rc;
LDAPMessage *res;
char *a;
int version, i;
BerElement *ber;

if((ld = ldap_init( HOSTNAME, 389 )) == NULL)
{
perror("ldap_init");
return 0;
}

version = LDAP_VERSION3;
ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version);

if((rc = ldap_simple_bind_s (ld, BASEDN, "xxxx")) != LDAP_SUCCESS)
{
fprintf (stderr, "ldap_simple_bind_s: %s\n", ldap_err2string (rc));
return (1);
}


rc = ldap_search_ext_s (ld, BASEDN, SCOPE, FILTER, NULL, 0, NULL, NULL, 
NULL, 0, &result);

char *retoidp;
struct berval *retdatap;

ldap_parse_extended_result( ld, result,&retoidp, &retdatap ,1 );

ldap_unbind (ld);
return (0);
}

What are my mistakes, I still can manage to pull out the ppolicy message 
(password will expire in...) ?

------
Pagarbiai,
Andrius Kulbis