如何使用ldap_simple_bind_s绑定到活动目录服务器（ldaps：//）

Question

我编写了一个示例程序来验证ldaps服务器上的用户，程序如下：

    #define LDAP_DEPRECATED 1  
    #define HOST "ldaps://10.10.10.10:636"
    #define BASEDN "cn=Manager,dc=example,dc=com"

    int main(){
    LDAP *ld = NULL,*ld2=NULL;
    int returnCode = 0,rc=0;
    int reqcert = LDAP_OPT_X_TLS_NEVER;

    const int ldap_version=LDAP_VERSION3;
    char *dn,*outvalue;




    if(ldap_initialize(&ld, HOST))
    {
        perror( "ldap_initialize" );
        TRACE("LDAP initialized Failed");
        return( 1 );
    }

    TRACE("LDAP initialized Successfully");

    TRACE("Going to set Protocol version to 3.\n");

    returnCode = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, (void *)&ldap_version);

    if (returnCode != LDAP_SUCCESS)
        return 1;

    TRACE("Setting Protocol version to 3");


    returnCode = ldap_set_option (ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);


    if (returnCode != LDAP_SUCCESS)
    {
        TRACE("LDAP_OPT_X_TLS_REQUIRE_CERT failed :"<<ldap_err2string(returnCode));
        TRACE("Return Code :"<<returnCode);
        return 1;
    }



    returnCode = ldap_bind_s(ld,BASEDN,"hello123",LDAP_AUTH_SIMPLE);

    if( returnCode != LDAP_SUCCESS )
    {
            TRACE("Authentication Failed, nessage returned is :"<<ldap_err2string(returnCode));
            TRACE("Error code value returned is :"<<returnCode);
        fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(returnCode) );
        return( 1 );
    }
    TRACE("Successful authentication for admin user");


    rc = ldap_search_ext_s(ld,"dc=example,dc=com", LDAP_SCOPE_SUBTREE,"uid=ldapuser1", NULL, 0, NULL, NULL, NULL, 0, &result);
    if ( rc != LDAP_SUCCESS ) {
            TRACE ("DN search failed, error message returned is :"<<ldap_err2string(rc));
            TRACE ("Error code returned is :"<<rc);
        fprintf(stderr, "ldap_search_ext_s: %s\n", ldap_err2string(rc));
    }
    else if (rc == LDAP_SUCCESS)
        {
            TRACE("DN successfully searched ");
        }

    for ( e = ldap_first_entry( ld, result ); e != NULL; e = ldap_next_entry( ld, e ) ) {
        if ( (dn = ldap_get_dn( ld, e )) != NULL )
            {
                printf( "dn: %s\n", dn );
                ldap_initialize(&ld2,HOST);

            rc=ldap_simple_bind_s(ld2,dn,"ldapuser1");

             TRACE("Result Here  "<<rc);
             if (rc != 0)
              {
                printf("Failed.\n");
              } else {
                printf("Works.\n");

                ldap_unbind(ld2);
                }
         ldap_memfree( dn );

         return 0;
     }
   }
   ldap_msgfree( result );
   printf("ldap entry not found \n");

}

此程序在第一次绑定操作期间始终失败，并显示消息＆＃34;无法联系LDAP服务器＆＃34;并且返回代码为-1，我也尝试使用ldap_simple_bind_s，但结果相同，但是如果我将URL更改为ldap：//10.10.10.10：389

，则相同的程序可以正常工作

在ldap.conf文件中

TLS_REQCERT永远不会

条目已经存在。有人可以帮忙吗？