SAS 9.1.3 Integration Technologies » Developer's Guide

LDAP CALL Routine Interface
LDAPS_ADD
LDAPS_ATTRNAME
LDAPS_ATTRVALUE
LDAPS_CLOSE
LDAPS_DELETE
LDAPS_ENTRY
LDAPS_FREE
LDAPS_MODIFY
LDAPS_OPEN
LDAPS_SETOPTIONS
LDAPS_SEARCH
Coding Examples
Adding a Directory Entry to an LDAP Server
Searching an LDAP Directory
Directory Services

LDAPS_OPEN

Opens a connection to an LDAP server.

Syntax

CALL LDAPS_OPEN(lHandle, ldapServerName, port, base, bindDN, password, rc, <options>);

lHandle
Numeric, output.
Returns a connection handle that is used in subsequent CALL routines to access the LDAP server session.

ldapServerName
Character, input.
Identifies the LDAP server that is to be connected to. If blank, the value defaults to the host that issued the CALL. Otherwise, the value must be the DNS name or IP address of a host on which an LDAP server is running.

port
Numeric, input.
Specifies the TCP port of the LDAP server. If the value is zero, the standard port of 389 is used.

base
Character, input.
Specifies a distinguished name that establishes the base object for the search. The base object is the point in the LDAP tree at which you want to start searching. If this value is blank, the default value is the macro variable or environment variable LDAP_BASE.

bindDN
Character, input.
Specifies the distinguished name used to bind to the server. If this value is blank, the macro variable or environment variable LDAP_BINDDN is used as the bind distinguished name. If a value of "" is specified and the LDAP_BINDDN variable has not been set, an unauthenticated bind is performed.

password
Character, input.
Specifies the password associated with bindDN. If this value is blank, the macro variable or environment variable LDAP_BINDPW is used as the bind distinguished name. If a value of "" is specified and the LDAP_BINDPW variable has not been set, an unauthenticated bind is performed.

Passwords that have been encoded by using the PWENCODE procedure can be used to bind to the server. For more information, see The PWENCODE Procedure in Base SAS Procedures Guide.

rc
Numeric, output.
Receives a return code that identifies success or failure.

options
Character, input.
Specifies one or more session options to use with this bind. The following session options are valid:

OPT_REFERRALS_OFF
Instructs the server to not chase referrals. Specifying this option overrides the default value of OPT_REFERRALS_ON.

SUBTREE_SEARCH_SCOPE
Sets the scope of the search to include all subtrees. This is the default.

BASE_SEARCH_SCOPE
Sets the scope of the search to include only the base. This value overrides the default value of SUBTREE_SEARCH_SCOPE.

ONELEVEL_SEARCH_SCOPE
Sets the scope of the search to include the base and one additional level. This overrides the default value of SUBTREE_SEARCH_SCOPE.

Note: Specify only one search scope option. If multiple search scope options are specified, the one that appears last is used. If none of the search scope options are specified, the default value of SUBTREE_SEARCH_SCOPE is used.

Details

The options specified in the LDAPS_OPEN CALL routine include only those that must be specified when the server connection is first opened. Additional options can be specified after the connection is opened using the LDAPS_SETOPTIONS CALL routine.

Examples

The following example opens a connection to an LDAP server using an anonymous bind and default session options.


server="alpair01.unx.com";port=8010;
base="sasComponent=sasPublishSubscribe,cn=SAS,o=Alphalite Airways,c=US";
bindDN="";
Pw="";
call LDAPS_OPEN(lHandle, server, port, base, bindDN, Pw, rc);

The following example opens a connection to an LDAP server, binds to the server, and passes in a session option of OPT_REFERRALS_OFF. This instructs the LDAP server not to chase referrals.


server = "alpair02.unx.com";
base = "o=Alphalite Airways,c=US";
bindDN ="cn=John Doe,o=Alphalite Airways,c=us";
bindPW ="myPass1";
option= "OPT_REFERRALS_OFF";
call LDAPS_OPEN(lHandle, server,8001,base,bindDN,bindPW,rc, option);