I installed AD/AM (download link is here) a while back in order to do some LDAP testing on my local XP box without having to turn it into a full-fledged Domain Controller. It installs easily and works reasonably well.

However, I was having all sorts of problems getting the WinLDAP JEDI port to work against AD/AM. AD/AM is LDAP version 3, so I modified the demo that came with JEDI to say:

  Version := LDAP_VERSION3;
  ldap_set_option(nil, LDAP_OPT_PROTOCOL_VERSION, @Version);

The result of all of this is that I get an "Operations error" when calling ldap_search_s. Doing some digging on Google, I believe there is some problem with the authentication against AD/AM when using ldap_simple_bind_s. No error is returned, but my gut tells me the error lies there.

My first thought at solving this was to create a hook DLL that would do OutputDebugStrings each and every time I used the wldap32.dll. Doing this, I could compare the calls and parameters used when using the Address Book (wab.exe) program - which works - and the sample program from the JEDI port - which doesn't work. I even used ldp.exe to do some testing and couldn't get authentication and searching to work properly. ldp reported that my ldap_simple_bind_s authenticated me properly, but the subsequent call to ldap_search_s resulted in the Operations Error with extended server error information telling me that "In order to perform this operation a successful bind must be completed on the connection.".

In the end, I had to succumb to deadline pressures. I now use ADSI, and things work just fine. I'd really like to get the low-level LDAP working, but that has to be a task left for another day.