Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Lightweight Directory Access Protocol
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Bind (authenticate)=== When an LDAP session is created, that is, when an LDAP client connects to the server, the '''authentication state''' of the session is set to anonymous. The BIND operation establishes the authentication state for a session. Simple BIND and SASL PLAIN can send the user's DN and password in [[plaintext]], so the connections utilizing either Simple or SASL PLAIN should be encrypted using [[Transport Layer Security]] (TLS). The server typically checks the password against the <code>userPassword</code> attribute in the named entry. Anonymous BIND (with empty DN and password) resets the connection to anonymous state. [[Simple Authentication and Security Layer|SASL]] (Simple Authentication and Security Layer) BIND provides authentication services through a wide range of mechanisms, e.g. [[Kerberos (protocol)|Kerberos]] or the [[client certificate]] sent with TLS.<ref>[https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xml SASL Mechanisms at IANA]</ref> BIND also sets the LDAP protocol version by sending a version number in the form of an integer. If the client requests a version that the server does not support, the server must set the result code in the BIND response to the code for a protocol error. Normally clients should use LDAPv3, which is the default in the protocol but not always in LDAP libraries. BIND had to be the first operation in a session in LDAPv2, but is not required as of LDAPv3. In LDAPv3, each successful BIND request changes the authentication state of the session and each unsuccessful BIND request resets the authentication state of the session.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)