Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Lightweight Directory Access Protocol
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Bind (authenticate)=== When an LDAP session is created, that is, when an LDAP client connects to the server, the '''authentication state''' of the session is set to anonymous. The BIND operation establishes the authentication state for a session. Simple BIND and SASL PLAIN can send the user's DN and password in [[plaintext]], so the connections utilizing either Simple or SASL PLAIN should be encrypted using [[Transport Layer Security]] (TLS). The server typically checks the password against the <code>userPassword</code> attribute in the named entry. Anonymous BIND (with empty DN and password) resets the connection to anonymous state. [[Simple Authentication and Security Layer|SASL]] (Simple Authentication and Security Layer) BIND provides authentication services through a wide range of mechanisms, e.g. [[Kerberos (protocol)|Kerberos]] or the [[client certificate]] sent with TLS.<ref>[https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xml SASL Mechanisms at IANA]</ref> BIND also sets the LDAP protocol version by sending a version number in the form of an integer. If the client requests a version that the server does not support, the server must set the result code in the BIND response to the code for a protocol error. Normally clients should use LDAPv3, which is the default in the protocol but not always in LDAP libraries. BIND had to be the first operation in a session in LDAPv2, but is not required as of LDAPv3. In LDAPv3, each successful BIND request changes the authentication state of the session and each unsuccessful BIND request resets the authentication state of the session.
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Lightweight Directory Access Protocol
(section)
Add topic
