Adp20050312::直接使用LDAP APIAdp20050312::直接使用LDAP API
ASDI是基于COM的,我们以后说。先看看比较直接的LDAP API。
Lightweight Directory Access Protocol 在下面RFC中有详细说明:
l RFC 2251 Lightweight Directory Access Protocol (v3)
l RFC 2252 Lightweight Directory Access Protocol (v3): Attribute Syntax Definitions
l RFC 2253 Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names
l RFC 2254 The String Representation of LDAP Search Filters
l RFC 2255 The LDAP URL Format
l RFC 2256 A Summary of the X.500(96) User Schema for use with LDAPv3
l RFC 2829 Authentication Methods for LDAP
l RFC 2696 LDAP Control Extension for Simple Paged Results Manipulation
l RFC 1487 X.500 Lightweight Directory Access Protocol (covers version 1, now obsolete)
l RFC 1777 X.500 Lightweight Directory Access Protocol (covers LDAPv2)
l RFC 1798 Connection-less Lightweight X.500 Directory Access Protocol
l RFC 1823 The LDAP Application Program Interface
l RFC 2247 Using Domains in LDAP/X.500 Distinguished Names
l RFC 2377 Naming Plan for Internet Directory-Enabled Applications
其中的RFC1823定义了其中可以供c语言使用的API。
可以访问下面地址来熟悉LDAP
http://www.openldap.org/
http://computer.mblogger.cn/mwg_arden/posts/29816.aspx
最好还是看RFC
我们给出一个c程序 LDAPEnumTop.c 此程序是Charles Oppermann先生著作《windows 2000 active directory programming》中的:
#include <windows.h>
#include <stdio.h>
#include <winldap.h>
void main( )
{
PLDAP pldapSession; // LDAP session data
PLDAPMessage plmsgSearchResponse; // Server allocated response to
// search request
PLDAPMessage plmsgEntry; // Server allocated response to entry request
PCHAR pszDN; // LDAP distinguished name string
PCHAR* ppszDomainDN = NULL; // Domain DN (string allocated by LDAP
// library)
// Start an LDAP session to nearest LDAP server
pldapSession = ldap_init( NULL, LDAP_PORT );
// Authenticate using user's current credentials
ldap_bind_s( pldapSession, NULL, NULL, LDAP_AUTH_NEGOTIATE );
// Search the root of the LDAP server
ldap_search_s ( pldapSession, // Session handle
NULL, // Location to start search, NULL specifies top
// level
LDAP_SCOPE_BASE, // Search only the root entry (rootDSE)
NULL, // Search for all objects (only one for the
// RootDSE)
NULL, // No attributes specified, return all attributes
FALSE, // Return attributes types and values
&plmsgSearchResponse ); // Server allocates and fills
// with search results
// Using the defaultNamingContext attribute, get the distinguished
// name of the domain
ppszDomainDN = ldap_get_values( pldapSession, plmsgSearchResponse,
"defaultNamingContext");
// Display info
printf("Listing objects at %s.\nPress CTRL+C to interrupt.\n",
*ppszDomainDN);
// Search first level of root container
ldap_search_s ( pldapSession, // Session handle
*ppszDomainDN, // Location in directory to start search
LDAP_SCOPE_ONELEVEL, // Search first level below the
// base entry
NULL, // Search for all objects
NULL, // No attributes specified, return all attributes
FALSE, // Return attributes types and values
&plmsgSearchResponse ); // Server allocates and fills
// with search results
// Get the first entry from the search results
plmsgEntry = ldap_first_entry( pldapSession, plmsgSearchResponse );
while ( plmsgEntry ) {
// Get the distinguished name of the entry
pszDN = ldap_get_dn ( pldapSession, plmsgEntry );
// Print the DN of the entry
printf("%s\n", pszDN);
// Get next entry
plmsgEntry = ldap_next_entry( pldapSession, plmsgEntry );
}
// Instruct the library to free the search results
ldap_msgfree( plmsgSearchResponse );
// Free string allocated by the LDAP API
ldap_value_free ( ppszDomainDN );
// Close the session
ldap_unbind( pldapSession );
}
在编译这个c程序时候需要引用wldap32.lib库。如果是vc环境直接在link选项卡中添加就可以,在命令行模式如cl,需要添加编译选项:cl ldapenumtop.c /link wldap32.lib
程序运行结果在我们的测试环境中显示如下:
回想一下,那个只有7行语句并且有两行是用来i/o显示输出的vbs代码得到了相同的效果,但是不要对c失望,以后你会发现它的优势。
其中的结构细节,是不公开的如ldap struct、LDAPMessage struct。在msdn中他们的结构是不公开的,下面的文章讲解了这些结构:
http://computer.mblogger.cn/mwg_arden/posts/29882.aspx
使用LDAP的优缺点:
优点:LDAP API 提供对目录信息快速低需求的低等级访问。并且在符合RFC1823的平台上它都可以很好的工作。
缺点:这个非面向对象的API,在非C编程环境下使用很困难。
MSDN上对LDAP有详细的介绍大家可以去参考:
今天msdn怎么都连不上去大家自己找位置吧
