September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
4.4. Using a Fast or Concurrent Bind
Problem
You want to perform an LDAP bind using a concurrent bind, also known as a fast bind. Concurrent binds are typically used in situations where you need to authenticate a lot of users, but those users do not need to directly access the directory or the directory access is done with another account.
Solution
Tip
This works only on a Windows Server 2003 domain controller.
Using a graphical user interface
Open LDP.
From the menu, select Connection → Connect.
For Server, enter the name of a DC.
For Port, enter 389.
Click OK.
From the menu, select Options → Connection Options.
Under Option Name: select LDAP_OPT_FAST_CONCURRENT_BIND
Click the Set button
From the menu, select Connection → Bind.
Enter credentials of a user.
Click OK.
Discussion
Concurrent binding, unlike simple binding, does not generate a security token or determine a user’s group memberships during the authentication process. It only determines if the authenticating user has a valid enabled account and password, which makes it much faster than a typical bind. Concurrent binding is implemented as a session option that is set after you establish a connection to a domain controller, but before any bind attempts are made. After the option has been set, any bind attempt made with the connection will be a concurrent bind.
There are a couple of caveats when using concurrent binds. First, you cannot enable signing or encryption, which means that all data for concurrent binds will be unencrypted over ...