LDAP:Light Directory Access Protocol。
Domain(域):是Windows 2000活动目录的核心单元,即AD的核心单元,是共享同一活动目录的一组计算机集合。
好多朋友认为两者是一个东西,认为只要LDAP的API:ldap_bind_s()
执行成功就是相当于你已经成功登录到域里面,并且已经通过了域的验证。
具体代码如下:
#include <windows.h>
#include <winldap.h>
#include <tchar.h>
LDAP *ld;
SEC_WINNT_AUTH_IDENTITY AuthId;
ULONG AuthMethod;
TCHAR szDomain[128] = _T("sample.domain.com");
TCHAR szUserName[128] = _T("admin");
TCHAR szPassword[128] = _T("adminpass");
// Set up AuthId for NTLM authentication
AuthId.User = _tcslen(szUserName) ? szUserName : NULL;
AuthId.UserLength = _tcslen(szUserName);
AuthId.Domain = _tcslen(szDomain) ? szDomain : NULL;
AuthId.DomainLength = _tcslen(szDomain);
AuthId.Password = _tcslen(szPassword) ? szPassword : NULL;
AuthId.PasswordLength = _tcslen(szPassword);
#ifdef UNICODE
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
#else
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
#endif
AuthMethod = LDAP_AUTH_NTLM;
if( (ld = ldap_init( _T("server.sample.domain.com"), 389 )) == NULL )
{
// Error
}
ldap_bind_s( ld, NULL, (TCHAR *) &AuthId, AuthMethod );
#include <tchar.h>
LDAP *ld;
SEC_WINNT_AUTH_IDENTITY AuthId;
ULONG AuthMethod;
TCHAR szDomain[128] = _T("sample.domain.com");
TCHAR szUserName[128] = _T("admin");
TCHAR szPassword[128] = _T("adminpass");
// Set up AuthId for NTLM authentication
AuthId.User = _tcslen(szUserName) ? szUserName : NULL;
AuthId.UserLength = _tcslen(szUserName);
AuthId.Domain = _tcslen(szDomain) ? szDomain : NULL;
AuthId.DomainLength = _tcslen(szDomain);
AuthId.Password = _tcslen(szPassword) ? szPassword : NULL;
AuthId.PasswordLength = _tcslen(szPassword);
#ifdef UNICODE
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
#else
AuthId.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
#endif
AuthMethod = LDAP_AUTH_NTLM;
if( (ld = ldap_init( _T("server.sample.domain.com"), 389 )) == NULL )
{
// Error
}
ldap_bind_s( ld, NULL, (TCHAR *) &AuthId, AuthMethod );
本人认为LDAP和Domain不是一个东西,欢迎批评指正..