29

I have googled for well over an hour, and cannot find any information that simply explains the protocol/concept. Re-binding seems to occur several times during the process of LDAP authentication and authorization.

Can anyone help me understand this concept or share better, well-explained resources on this? Thanks!

Kent Pawar
  • In the context of your document, 'binding' is telling LDAP that you would like to make a request in a specific context (like a specific user or client machine). – Frank Thomas May 07 '13 at 16:41
  • 1
    Related: SO, 2014-08-27, [*Is LDAP binding account required for user authentication?*](https://stackoverflow.com/questions/25519666/) – StackzOfZtuff Sep 08 '17 at 14:22

2 Answers

20

An LDAP client transmits a BIND request to a server in order to change the authorization state of the client connection. When a client first connects to an LDAP directory server, the server sets the authorization state of the connection to unauthenticated. When the server receives a BIND request, the server sets the authorization state of the connection to unauthenticated immediately. Should the BIND request be successful, the server sets the authorization state of the connection to the state associated with the distinguished-name in the BIND request. LDAPv3 allows a connection to change states any number of times, with the caveat that no requests be outstanding when the BIND request is received.

see also

Aaron
Terry Gardner
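The state changes described in the answer above, and the repeated binds the question asks about, modelled as an added example (not code from either answer): a toy connection object plus a search-then-bind login. All names, DNs and passwords are constructed, and the rules that anonymous connections cannot search and that empty passwords are refused are assumptions of this model.

```python
import hmac

# Constructed sample directory (hypothetical DNs and passwords): DN -> attributes.
SVC_DN = "cn=svc-app,ou=services,dc=example,dc=com"
ALICE_DN = "uid=alice,ou=people,dc=example,dc=com"
DIRECTORY = {
    SVC_DN: {"uid": "svc-app", "password": "svc-secret"},
    ALICE_DN: {"uid": "alice", "password": "alice-pw"},
}
ANONYMOUS = None  # the unauthenticated authorization state


class LdapConnection:
    """Toy server-side view of one client connection (hypothetical class)."""

    def __init__(self):
        self.auth_state = ANONYMOUS  # every new connection starts unauthenticated
        self.outstanding = 0         # requests still awaiting a response
        self.history = []            # authorization state after each BIND

    def bind(self, dn, password):
        if self.outstanding:
            raise RuntimeError("BIND received while requests are outstanding")
        self.auth_state = ANONYMOUS  # reset as soon as the BIND request arrives
        entry = DIRECTORY.get(dn)
        # This model refuses an empty password instead of accepting the bind.
        if password and entry and hmac.compare_digest(entry["password"], password):
            self.auth_state = dn     # success: state now tied to the bound DN
        self.history.append(self.auth_state)
        return self.auth_state is not ANONYMOUS

    def search_dn(self, uid):
        # Assumption of this model: anonymous connections may not search.
        if self.auth_state is ANONYMOUS:
            raise PermissionError("search needs an authenticated connection")
        return next((dn for dn, e in DIRECTORY.items() if e["uid"] == uid), None)


def login(conn, uid, user_pw, svc_pw="svc-secret"):
    """Search-then-bind on one connection; returns the user's DN or None."""
    if not conn.bind(SVC_DN, svc_pw):        # bind 1: application account
        return None
    user_dn = conn.search_dn(uid)            # map the login name to a DN
    if user_dn is None:
        return None
    verified = conn.bind(user_dn, user_pw)   # bind 2: proves the user's password
    conn.bind(SVC_DN, svc_pw)                # bind 3: restore the application identity
    return user_dn if verified else None
```

A failed user bind leaves the connection unauthenticated, which is why the third bind is needed before a shared or pooled connection is reused for further lookups.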
2

Google...first link...

http://msdn.microsoft.com/en-us/library/windows/desktop/aa366092%28v=vs.85%29.aspx

Binding is the step where the LDAP server authenticates the client and, if the client is successfully authenticated, allows the client access to the LDAP server based on that client's privileges.

Rebinding is simply doing the process over to authenticate the client.

Travis