<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!bindResponse
BindResponse is the [LDAP Message] that consists of an [LDAP Result Code] from the [DSA] of the status of the [DUA]'s [Bind Request] for [authentication].

{{{
BindResponse ::= [APPLICATION 1] SEQUENCE {
      COMPONENTS OF LDAPResult,
      serverSaslCreds    [7] OCTET STRING OPTIONAL } 
}}}

If the [Bind Request] was successful, the resultCode will be success, otherwise it will be one of:
*operationsError: [server|DSA] encountered an internal error ([LDAP Result Code] 1)
*protocolError: unrecognized version number or incorrect [PDU] structure ([LDAP Result Code] 2)
*authMethodNotSupported: unrecognized SASL mechanism name ([LDAP Result Code] 7)
*strongAuthRequired: the server requires authentication be performed with a [SASL] Mechanism ([LDAP Result Code] 8)
*referral: this server cannot accept this bind and the client should try another ([LDAP Result Code] 10)
*saslBindInProgress: the server requires the client to send a new bind request, with the same [SASL] Mechanism, to continue the authentication process,
*inappropriateAuthentication: the server requires the client which had attempted to bind anonymously or without supplying credentials to provide some form of credentials ([LDAP Result Code] 48)
*invalidCredentials: the wrong password was supplied or the SASL credentials could not be processed ([LDAP Result Code] 49)
*unavailable: the server is shutting down ([LDAP Result Code] 81)

If the server does not support the client's requested protocol version, it MUST set the resultCode to protocolError.

If the client receives a BindResponse response where the [resultCode|DefinitionResultCode] was [protocolError|LDAP Result Code], it MUST close the connection as the server will be unwilling to accept further operations.  This is for compatibility with earlier versions of LDAP, in which the bind was always the first operation, and there was no negotiation.)

The serverSaslCreds are used as part of a [SASL] Mechanisms to allow the client to authenticate the server to which it is communicating, or to perform &quot;challenge-response&quot; authentication. If the client bound with the password choice, or the [SASL] Mechanism does not require the server to return information to the client, then this field is not to be included in the result.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
</pre>