interface

uses
 Linldap,sysutils,classes;
type
  ELDAP = class(Exception);
  PCharArray = array of pchar;
  PLDAPModArray = array of PLDAPMod;
  PPCharArray = ^PCharArray;
  PPLDAPModArray = ^PLDAPModArray;

  ldapAttribute = class(Tobject)
  private
    fName:string;
    fValues:TStringlist;
    function GetValue(I:integer):string;
    procedure Add(S:String);
    procedure Delete(S:string);
    function getExists(V: string): boolean;
  public
    constructor Create(Name:string);
    destructor Destroy; override;
    property Name:string read fName;
    property Exists[V:string]:boolean read getExists;
    property ValueList:TStringlist read fValues;
    property Value[I:integer]:string read GetValue; default;
  end;

  ldapentryList = class;

  ldapEntry = class(TObject)
  private
    fdn:string;
    P:array of PLDAPMod;
    fParent:ldapEntry;
    fAttributes: TStringlist;
    fChildren: ldapEntrylist;
    function GetAttribute(Name: string): ldapAttribute;
    function GetAttributeValue(Name: string; Idx:Integer): string;
    function GetNiceName:string;
    procedure MakeLDAPArray;
    procedure MakeModLDAPArray(le: ldapEntry);
    procedure ApplyChangesInMemory;
    procedure DisposeLDAPArray;
    function GetExists(Name, Value: string): boolean;
    function GetLDIF:string;
    procedure SetLDIF(S:string);
    function Equal(Name:string;le:ldapEntry;var SL:Tstringlist):boolean;
    function AddsOnly(Name: string; le: ldapEntry; var SL:Tstringlist): boolean;
    function DeletesOnly(Name: string; le: ldapEntry; var SL: Tstringlist): boolean;
    procedure ClearAll;
  public
    property DN:string read fDN write fDN;
    property AttributeValue[Name:string;Idx:integer]:string read GetAttributeValue; default;
    property Attribute[Name:string]:ldapAttribute read GetAttribute;
    property Children:ldapEntryList read fChildren;
    property Parent:ldapEntry read fParent;
    property Exists[Name,Value:string]:boolean read GetExists;
    property NameList:TStringList read fAttributes;
    property NiceName:string read GetNiceName;
    property AsLDIF:string read GetLDIF write SetLDIF;
    constructor Create; overload;
    constructor Create(le:ldapEntry); overload;
    procedure Assign(le: ldapEntry);
    destructor Destroy;
    function FreeChild(ee: ldapEntry): boolean;
    procedure Add(Name,Value:string); overload;
    procedure Add(Name: string; Value: array of string); overload;
    procedure Modify(Name:string;Value:array of string); overload;
    procedure Modify(Name,Value:string); overload;
    procedure Delete(Name:string); overload;
    procedure Delete(Name,Value:string); overload;
  end;


  ldapEntryList = class(TStringList)
    function GetEntry(Idx:integer):ldapEntry;
    function GetDN(Idx:integer):string;
    function GetEntryValue(Idx:integer;Attribute:string;AttributeIndex:integer):string;
  public
    property DN[Idx:integer]:string read GetDN;
    property Entry[Idx:integer]:ldapEntry read GetEntry; default;
    property EntryValue[Idx:integer;Attribute:string;AttributeIndex:integer]:string read GetEntryValue;
    function NewEntry(const DN:string):ldapEntry;
    procedure ClearAll;
    destructor Destroy;
  end;

  ldapConnection = class(tObject)
  private
    fConn:PLDAP;
    fHost,fDN,fPWD:string;
    fPort:integer;
    fBaseDN:string;
    procedure LDAPError(const s: string);
    procedure LDAPCheck(err: ULONG);
  public
    property Host:string read fHost write fHost;
    property Port:integer read fPort write fPort;
    property BindDN:string read fDN write fDN;
    property BaseDN:string read fBaseDN write fBaseDN;
    property BindPwd:string read fPWD write fPWD;
    function UidToDN(const Uid: string;const Base:string): string;
    procedure Open; overload;
    procedure Open(const Hostname:string;const BindAs:string='';const BindPassword:string='';const PortNumber:integer=389); overload;
    procedure ReBind(const BindAs, BindPassword: string);
    procedure Search(var Results:ldapEntryList; const Base:string; const Search:string='(objectclass=*)'; const Scope:string='sub'); overload;
    procedure Search(var Results:ldapEntryList; const DNs:ldapAttribute); overload;
    procedure Add(const Entry:ldapEntry);
    procedure Fill(var Entry:ldapEntry);
    procedure Modify(const Entry,NewEntry: ldapEntry);
    procedure Delete(const DN: string); overload;
    procedure Delete(const Entry: ldapEntry); overload;
    procedure Close;
  end;

function AttributeName(S:string):string;
function AttributeValue(S:string):string;
function FindDn(const server,base,Uid:string):string;
function ValidDn(const server,dn,uid,pwd:string):boolean;
function RDN(dn:string):string;
function FullDN(rdn,basedn:string):string;
function Check(const Server:string;const PortNumber:integer; const Uid,Password,BaseDN:string):boolean;

implementation

uses LDAP_Test_Main;

function AttributeName(S:string):string;
begin
  if pos(':',S)>0 then
    Result:=copy(S,1,pos(':',S)-1)
  else
    Result:='';
end;

function AttributeValue(S:string):string;
begin
  if pos(':',S)>0 then
    Result:=copy(S,pos(':',S)+1,999)
  else
    Result:='';
end;

function RDN(dn:string):string;
var
  I:integer;
begin
  I:=pos(',',dn);
  if I>1 then
  begin
    result:=trim(copy(dn,1,I-1))
  end
  else
    result:=dn;
end;

function FullDN(rdn,basedn:string):string;
begin
  if pos(',',rdn)=0 then
    result:=rdn+','+basedn
  else
    result:=rdn;
end;


{ ldapAttribute }
constructor ldapAttribute.Create(Name:string);
begin
  inherited Create;
  fName:=Name;
  fValues:=TStringlist.Create;
  fValues.Duplicates:=dupIgnore;
  fValues.Sorted:=false;
end;

destructor ldapAttribute.Destroy;
begin
  fValues.Free;
  inherited;
end;

function ldapAttribute.getExists(V: string): boolean;
begin
 result:=Self.fValues.IndexOf(V)>=0;
end;

function ldapAttribute.Getvalue(I:integer):string;
begin
  if (I>=0) and (I<fValues.Count) then
    Result:=fValues[I]
  else Result:='';
end;

procedure ldapAttribute.Delete(S:string);
var I:integer;
begin
  I:=fValues.Indexof(S);
  if I>=0 then fValues.Delete(I);
end;

procedure ldapAttribute.Add(S:String);
begin
  fValues.Add(S);
end;

{ ldapEntry }

constructor ldapEntry.Create;
begin
 inherited;
 fAttributes:=TStringList.create;
 fattributes.Duplicates:=dupIgnore;
 fattributes.sorted:=false;
 fChildren:=ldapEntrylist.create;
end;

constructor ldapEntry.Create(le: ldapEntry);
begin
 Create;
 Assign(le);
end;


procedure ldapEntry.Assign(le: ldapEntry);
var
 I:integer;
 la:ldapAttribute;
 newle:ldapEntry;
begin
 Self.ClearAll;
 fDN:=le.fdn;
 for I:=0 to le.NameList.count-1 do
 begin
    la:=ldapAttribute.Create(le.NameList[i]);
    la.ValueList.Assign(le.Attribute[le.NameList[i]].ValueList);
    Self.fAttributes.AddObject(le.NameList[i],la);
 end;
 for I:=0 to le.fChildren.count-1 do
 begin
  newle:=ldapEntry.Create(le.Children[I]);
  Self.Children.AddObject(le.Children[I].DN,newle);
  newle.fParent:=Self;
 end;
end;

procedure ldapEntry.ClearAll;
var
 I:integer;
begin
 fdn:='';
 Self.DisposeLDAPArray;
 if assigned(fAttributes) then
 begin
   for I:=0 to fAttributes.count-1 do
     ldapAttribute(fAttributes.Objects[I]).Free;
   fAttributes.Clear;
 end;    
end;

destructor ldapEntry.Destroy;
begin
 ClearAll;
 fChildren.Free;
 fAttributes.free;
 inherited;
end;

function ldapEntry.GetNiceName: string;
var
  I:integer;
begin
  result:='';
  if Self.Exists['objectclass','groupofuniquenames'] then
    result:='['+Self.GetAttributeValue('cn',0)+']'
  else if Self.GetAttributeValue('sn',0)<>'' then
    result:=trim(Self.GetAttributeValue('sn',0)+', '+Self.GetAttributeValue('personaltitle',0)+' '+Self.GetAttributeValue('givenname',0))
  else if Self.GetAttributeValue('cn',0)<>'' then
    result:=Self.GetAttributeValue('cn',0)
  else begin
    if Self.AttributeValue['ou',0]<>'' then
    begin
      for I:=0 to Self.Attribute['ou'].ValueList.Count-1 do
        if pos(uppercase(Self.GetAttributeValue('ou',I)),uppercase(RDN(self.DN)))<>0 then
          Result:=Self.GetAttributeValue('ou',I);
    end;    
    if Result='' then
      Result:=RDN(Self.DN);
  end;
end;

procedure ldapEntry.Modify(Name:string;Value:array of string);
var
  I:integer;
begin
  if uppercase(name)='DN' then
    raise ELDAP.Create('Cannot Modify DN of Entry')
  else
  begin
    Self.Delete(Name);
    for I:=low(value) to high(value) do
      Self.Add(Name,value[I]);
  end;
end;

procedure ldapEntry.Modify(Name,Value:string);
begin
  if uppercase(name)='DN' then
    raise ELDAP.Create('Cannot Modify DN of Entry')
  else
  begin
    Self.Delete(Name);
    Self.Add(Name,value);
  end;
end;

procedure ldapEntry.Add(Name:string;Value:array of string);
var
  I:integer;
begin
  for I:=low(value) to high(value) do
    Add(Name,value[I]);
end;

procedure ldapEntry.Add(Name,Value:string);
var
 la:ldapAttribute;
begin
  if uppercase(name)='DN' then
    raise ELDAP.Create('Cannot Modify DN of Entry')
  else
    begin
      la:=Self.Attribute[Name];
      if not assigned(la) then
      begin
        la:=ldapAttribute.Create(Name);
        self.NameList.AddObject(Name,la);
      end;
      la.Add(Value);
    end;
end;

procedure ldapEntry.Delete(Name:string);
var
  la:ldapAttribute;
  Idx:integer;
begin
  la:=Self.Attribute[Name];
  if assigned(la) then
  begin
    idx:=self.NameList.IndexOfObject(la);
    if idx>=0 then
      Self.NameList.Delete(Idx);
    la.Free;
  end;
end;

procedure ldapEntry.Delete(Name,Value:string);
var
  la:ldapAttribute;
begin
  la:=Self.Attribute[Name];
  la.Delete(Value);
  if la.ValueList.Count=0 then
    Self.Delete(Name);
end;

function ldapEntry.GetAttribute(Name: string): ldapAttribute;
var
  I:integer;
begin
  I:=fAttributes.Indexof(Name);
  if I>=0 then Result:=ldapAttribute(fAttributes.Objects[I])
          else Result:=nil;
end;

function ldapEntry.GetAttributeValue(Name: string; Idx:Integer): string;
var
  lda:ldapAttribute;
begin
  lda:=self.GetAttribute(Name);
  if lda=nil then result:=''
     else Result:=lda[idx];
end;

procedure ldapEntry.SetLDIF(S:string);
var
  SL:TStringlist;
  I:integer;
  N,V:string;
begin
  try
    Self.ClearAll;
    SL:=TSTringlist.Create;
    SL.Text:=S;
    for I:=0 to SL.Count-1 do
    begin
      N:=copy(SL[I],1,pos(':',SL[I])-1);
      V:=copy(SL[I],pos(':',SL[I])+1,32000);
      if uppercase(N)='DN' then
          Self.fdn:=V
        else
          Self.Add(N,V);
    end;
  finally
    SL.Free;
  end;
end;

function ldapEntry.GetLDIF: string;
var
  I,J:integer;
begin
  result:='dn:'+self.DN+^M^J;
  for I:=0 to NameList.Count-1 do
    for J:=0 to Self.Attribute[NameList[I]].ValueList.Count-1 do
       if integer(Attribute[NameList[I]].ValueList.Objects[J])<>LDAP_MOD_DELETE then
         result:=Result+NameList[I]+':'+Attribute[NameList[I]].ValueList[J]+^M^J;
end;

function ldapEntry.AddsOnly(Name:string;le:ldapEntry;var SL:Tstringlist):boolean;
var
  I:integer;
  a1,a2:ldapAttribute;
begin
  a1:=Self.Attribute[Name];
  a2:=le.Attribute[Name];
  if assigned(a1) and not assigned(a2) then
   result:=false
  else if not assigned(a1) and assigned(a2) then
   begin
    result:=true;
    SL.Assign(a2.ValueList);
   end
  else
   begin // Adds only - all "a1" are in "a2" - some "a2" not in "a1"
    Result:=true;
    for I:=0 to a1.ValueList.Count-1 do
      if a2.ValueList.IndexOf(a1.ValueList[I])=-1 then begin Result:=false; break; end;
    Result:=Result and (a2.ValueList.Count>a1.ValueList.Count);
    if Result then
     for I:=0 to a2.ValueList.Count-1 do
      if a1.ValueList.IndexOf(a2.ValueList[I])=-1 then SL.Add(a2.ValueList[I])
   end;
end;

function ldapEntry.DeletesOnly(Name:string;le:ldapEntry;var SL:Tstringlist):boolean;
begin
 Result:=le.AddsOnly(Name,Self,SL);
end;

function ldapEntry.Equal(Name:string;le:ldapEntry;var SL:Tstringlist):boolean;
var
  I:integer;
  a1,a2:ldapAttribute;
begin
  a1:=Self.Attribute[Name];
  a2:=le.Attribute[Name];
  if not (assigned(a1) and assigned(a2)) then Result:=false
  else if a1.ValueList.Count<>a2.ValueList.Count then Result:=false
  else begin
    Result:=true;
    for I:=0 to a1.ValueList.Count-1 do
      if a2.ValueList.IndexOf(a1.ValueList[I])=-1 then begin Result:=false; break; end;
    if not Result then
      SL.Assign(a2.ValueList);  
  end;
end;

procedure ldapEntry.MakeModLDAPArray(le: ldapEntry);
var
 I,J:integer;
 full_at_list,done_at:TStringlist;
 cmd:integer;
 cChanges:integer;
 function IncludeAttribute(at:string):boolean;
 begin
  Result:=(uppercase(at) <> 'CREATORSNAME') and
          (uppercase(at) <> 'MODIFIERSNAME') and
          (uppercase(at) <> 'CREATETIMESTAMP') and
          (uppercase(at) <> 'MODIFYTIMESTAMP');
 end;
begin
  try
    done_at:=Tstringlist.create;
    full_at_list:=Tstringlist.create;
    full_at_list.Duplicates:=dupIgnore;
    full_at_list.Sorted:=true;
    DisposeLDAPArray;
    cChanges:=0;
   
    for I:=0 to Namelist.count-1 do
     if IncludeAttribute(NameList[i]) then
           full_at_list.Add(NameList[i]);

    for I:=0 to le.Namelist.count-1 do
     if IncludeAttribute(le.NameList[i]) then
           full_at_list.Add(le.NameList[i]);

    for I:=0 to full_at_list.Count-1 do
    begin
     done_at.Clear;
     if AddsOnly(full_at_list[I],le,done_at) then // Add
       cmd:=LDAP_MOD_ADD
     else if DeletesOnly(full_at_list[I],le,done_at) then // Delete
       cmd:=LDAP_MOD_DELETE
     else if not Equal(full_at_list[I],le,done_at) then // Replace
       cmd:=LDAP_MOD_REPLACE
     else
       cmd:=LDAP_MOD_NOCHANGE;
     if Cmd<>LDAP_MOD_NOCHANGE then
     begin
      inc(cChanges);
      SetLength(P,cChanges+1);
      New(P[cChanges-1]);
      P[cChanges-1]^.mod_op:=Cmd;
      P[cChanges-1]^.mod_type:=Strnew(PChar(full_at_list[i]));
      SetLength(P[cChanges-1]^.modv_strvals,done_at.count+1);
      for J:=0 to done_at.count-1 do
        P[cChanges-1]^.modv_strvals[J]:=Strnew(PChar(done_at[J]));
     end;
    end;
  finally
    full_at_list.free;
    done_at.Free;
  end;
end;

procedure ldapEntry.MakeLDAPArray;
var
  A:ldapAttribute;
  I,J:integer;
begin
  SetLength(P,NameList.Count);
  for I:=0 to NameList.Count-1 do
  begin
    New(P[I]);
    P[I]^.mod_op:=LDAP_MOD_ADD;
    P[I]^.mod_type:=StrNew(PChar(NameList[I]));
    A:=Attribute[NameList[I]];
    SetLength(P[I]^.modv_strvals,A.ValueList.Count+1);
    for J:=0 to A.ValueList.Count-1 do
      P[I]^.modv_strvals[J]:=StrNew(PChar(A.Valuelist[J]));
  end;
end;

procedure ldapEntry.ApplyChangesInMemory;
var
  I,J:integer;
begin
  if assigned(P) then
  begin
    for I:=low(P) to high(P) do
     if assigned(P[I]) then
      begin
       if P[I]^.mod_op = LDAP_MOD_REPLACE then
         Self.Delete(P[I]^.mod_type);
       for J:=low(P[I]^.modv_strvals) to high(P[I]^.modv_strvals) do
        if assigned(P[I]^.modv_strvals[J]) then
          case P[I]^.mod_op of
           LDAP_MOD_ADD:Self.Add(P[I]^.mod_type,P[I]^.modv_strvals[J]);
           LDAP_MOD_DELETE:Self.Delete(P[I]^.mod_type,P[I]^.modv_strvals[J]);
           LDAP_MOD_REPLACE:Self.Add(P[I]^.mod_type,P[I]^.modv_strvals[J]);
          end;
      end;
  end;
end;

procedure ldapEntry.DisposeLDAPArray;
var
  I,J:integer;
begin
  if assigned(P) then
  begin
    for I:=low(P) to high(P) do
     if assigned(P[I]) then
      begin
       StrDispose(P[I]^.mod_type);
       for J:=low(P[I]^.modv_strvals) to high(P[I]^.modv_strvals) do
       if assigned(P[I]^.modv_strvals[J]) then
         StrDispose(P[I]^.modv_strvals[J]);
       P[I]^.modv_strvals:=nil;
       Dispose(P[I]);
      end;
    P:=nil;
  end;
end;

function ldapEntry.GetExists(Name, Value: string): boolean;
begin
 if assigned(Self.Attribute[Name]) then
   Result:=Self.Attribute[Name].Exists[Value]
 else
   Result:=false;
end;

function ldapEntry.FreeChild(ee:ldapEntry):boolean;
begin
  if Assigned(ee) and (Self.Children.IndexOfObject(ee)>=0) then
  begin
    Children.Delete(Children.IndexofObject(ee));
    ee.free;
    Result:=true;
  end
  else
    Result:=false;
end;


{ ldapEntryList }

function ldapEntryList.GetDN(Idx:integer):string;
begin
 if (idx>=0) and (Idx<Self.Count) then
   Result:=self.strings[Idx]
 else
   REsult:='';
end;

function ldapEntryList.GetEntryValue(Idx:integer;Attribute:string;AttributeIndex:integer):string;
var
  lde:ldapEntry;
begin
  lde:=Self.GetEntry(Idx);
  Result:=lde.AttributeValue[Attribute,AttributeIndex];
end;

function ldapEntryList.GetEntry(Idx:integer):ldapEntry;
begin
 if (idx>=0) and (Idx<Self.Count) then
   Result:=ldapEntry(self.objects[Idx])
 else
   REsult:=nil;
end;

function ldapEntryList.NewEntry(const DN:string):ldapEntry;
var
  Idx:integer;
begin
  Idx:=Self.AddObject(DN,ldapEntry.Create);
  Result:=ldapEntry(Self.Objects[Idx]);
  Result.fdn:=DN;
end;

procedure ldapEntryList.ClearAll;
var
 I:integer;
begin
 for I:=0 to Self.count-1 do
   ldapEntry(Self.Objects[I]).Free;
 Self.Clear;
end;

destructor ldapEntryList.Destroy;
begin
 ClearAll;
 inherited;
end;

{ ldapConnection }

procedure ldapConnection.LDAPError(const s: string);
begin
  raise ELDAP.Create(s);
end;

procedure ldapConnection.LDAPCheck(err: ULONG);
begin
  if (err <> LDAP_SUCCESS) then LDAPError(ldap_err2string(err));
end;

procedure ldapConnection.Fill(var Entry:ldapEntry);
var
  el:ldapEntryList;
  old_dn:string;
begin
  try
    el:=ldapEntrylist.create;
    old_dn:=Entry.dn;
    Entry.ClearAll;
    Entry.dn:=old_dn;
    Search(el,Entry.dn,'(objectclass=*)','base');
    if el.Count=1 then
      Entry.Assign(el[0]);
  finally
    el.free;
  end;
end;

function ldapConnection.UidToDN(const Uid:string;const Base:string):string;
var
  plmSearch, plmEntry: PLDAPMessage;
begin
  if Assigned(fConn) then
  begin
    LDAPCheck(ldap_simple_bind_s(fConn, nil, nil));
    LDAPCheck(ldap_search_s(fconn, pchar(Base), LDAP_SCOPE_SUBTREE ,pchar('(uid='+uid+')'), nil, 0, @plmSearch));
    plmEntry := ldap_first_entry(fConn, plmSearch);
    if Assigned(plmEntry) then
      Result := ldap_get_DN(fConn,plmEntry)
    else
      LDAPError('UID not found');
  end
  else
    LDAPError('Error Opening Connection to Server');
end;

procedure ldapConnection.Search(var Results: ldapEntryList; const DNs: ldapAttribute);
var
  I:integer;
  el:ldapEntryList;
begin
  if assigned(Results) and assigned(DNs) then
  begin
    try
      el:=ldapEntryList.Create;
      for I:=0 to DNs.ValueList.Count-1 do
      begin
        try
          el.ClearAll;
          Search(el,DNs.ValueList[I],'(objectclass=*)','base');
          if el.Count=1 then
            Results.AddObject(el[0].DN,ldapEntry.create(el[0]))
        except
        end;  
      end;
    finally
      el.ClearAll;
      el.Free;
    end;
  end;
end;

procedure ldapConnection.Search(var Results:ldapEntryList; const Base:string; const Search:string='(objectclass=*)'; const Scope:string='sub');
var
  plmSearch, plmEntry: PLDAPMessage;
  i,iScope:integer;
  psEntryDN:pchar;
  CurrentEntry:ldapEntry;
  pszAttr: pchar;
  pbe: PBerElement;
  ppcVals: PPCHAR;
begin
  if lowercase(scope)='base' then iScope:=LDAP_SCOPE_BASE
  else if lowercase(scope)='one' then iScope:=LDAP_SCOPE_ONELEVEL
  else if lowercase(scope)='sub' then iScope:=LDAP_SCOPE_SUBTREE;
  try
   LDAPCheck(ldap_search_s(fconn, pchar(Base), iScope ,pchar(Search), nil, 0, @plmSearch));
    try
     plmEntry := ldap_first_entry(fConn, plmSearch);
     while Assigned(plmEntry) do
      begin
        try
          try
            psEntryDN := ldap_get_DN(fConn,plmEntry);
            CurrentEntry:=REsults.NewEntry(psEntryDN);
          except
            ldaperror('Error Retrieving DN for entry');
          end;
        finally
          ldap_memfree(psEntryDN);
        end;
        pszAttr := ldap_first_attribute(fConn, plmEntry, pbe);
        while Assigned(pszAttr) do
         begin
          ppcVals := ldap_get_values(fConn, plmEntry, pszAttr);
          if Assigned(ppcVals) then
           try
            i := 0;
            while Assigned(pchararray(ppcVals)[i]) do
             begin
              CurrentEntry.Add(pszAttr,pchararray(ppcVals)[i]);
              Inc(i);
             end;
           finally
            LDAPCheck(ldap_value_free(ppcVals));
           end;
          pszAttr := ldap_next_attribute(fConn, plmEntry, pbe);
         end;
        plmEntry :=ldap_next_entry(fConn, plmEntry);
      end;
    finally
    end;
  finally
   ldap_msgfree(plmSearch);
  end;
end;

procedure ldapConnection.Delete(const DN: string);
begin
  LDAPCheck(ldap_delete_s(fConn,PChar(DN)));
end;

procedure ldapConnection.Delete(const Entry: ldapEntry);
begin
  LDAPCheck(ldap_delete_s(fConn,PChar(Entry.DN)));
end;

procedure ldapConnection.Add(const Entry: ldapEntry);
begin
  try
    Entry.MakeLDAPArray;
    LDAPCheck(ldap_add_s(fConn,PChar(Entry.fdn),pointer(Entry.P)));
  finally
    Entry.DisposeLDAPArray;
  end;
end;


procedure ldapConnection.Modify(const Entry,NewEntry: ldapEntry);
begin
  try
    Entry.MakeModLDAPArray(NewEntry);
    if (assigned(Entry.P)) and (High(Entry.P)<>Low(Entry.P)) then
      LDAPCheck(ldap_modify_s(fConn,PChar(Entry.fdn),pointer(Entry.P)));
    Entry.ApplyChangesInMemory;
  finally
    Entry.DisposeLDAPArray;
  end;
end;

procedure ldapConnection.Close;
begin
  LDAPCheck(ldap_unbind_s(fConn));
  fConn:=nil;
end;

procedure ldapConnection.Open;
begin
  fConn := ldap_open(pchar(fHost), fPort);
  if Assigned(fConn) then
    if (fPWD='') or (fDN='') then
      LDAPCheck(ldap_simple_bind_s(fConn, nil, nil))
    else
      LDAPCheck(ldap_simple_bind_s(fConn, pchar(fDN), pchar(fPwd)))
  else
    LDAPError('Error Opening Connection to Server');
end;

procedure ldapConnection.ReBind(const BindAs, BindPassword: string);
begin
  fDN:=BindAs;
  fPWD:=BindPassword;
  if Assigned(fConn) then
    if (BindPassword='') or (BindAs='') then
      LDAPCheck(ldap_simple_bind_s(fConn, nil, nil))
    else
      LDAPCheck(ldap_simple_bind_s(fConn, pchar(BindAs), pchar(BindPassword)))
  else
    LDAPError('No Exisiting Connection to Server');
end;


procedure ldapConnection.Open(const Hostname, BindAs, BindPassword: string; const PortNumber: integer);
begin
  fHost:=Hostname;
  fPwd:=BindPassword;
  fPort:=PortNumber;
  fDN:=BindAS;
  open;
end;

function FindDn(const server,base,Uid:string):string;
var
  conn:ldapConnection;
  el:ldapEntryList;
begin
  try
    try
      Conn:=ldapConnection.Create;
      Conn.Open(server);
      el:=ldapEntryList.Create;
      Conn.Search(el,base,'(uid='+uid+')');
      result:=el.Dn[0];
    finally
      el.Free;
      conn.Close;
      conn.free;
    end;
  except
    Result:='';
  end;
end;

function ValidDn(const server,dn,uid,pwd:string):boolean;
var
  conn:ldapConnection;
  el:ldapEntryList;
begin
  try
    try
      Conn:=ldapConnection.Create;
      Conn.Open(Server,dn,pwd);
      el:=ldapEntryList.Create;
      Conn.Search(el,dn,'(uid='+uid+')','base');
      Result:= uppercase(el.GetEntryValue(0,'uid',0))=uppercase(uid);
    finally
      el.free;
      conn.close;
      conn.free;
    end;
  except
    Result:=false;
  end;
end;

function Check(const Server:string;const PortNumber:integer; const Uid,Password,BaseDN:string):boolean;
var
  dn:string;
  conn:ldapConnection;
  el1:ldapEntryList;
begin
  result:=true;
  try
    try
      Conn:=ldapConnection.Create;
      Conn.Open(Server,'','',PortNumber);
      el1:=ldapEntryList.create;
      Conn.Search(el1,baseDN,'(uid='+uid+')');
      if (el1.Count=1) then dn:=el1.dn[0] else dn:='';
      if dn='' then Result:=false else Conn.ReBind(dn,Password);
    finally
      el1.Free;
      conn.Close;
      conn.free;
    end;
  except
    Result:=false;
  end;
end;

end.

interface

type
  ULONG = longword;
  UCHAR = byte;
  LONG = longint;
  PVOID = pointer;
  USHORT = word;
  PWCHAR = pwidechar;
  INT = integer;
  PPWCHAR = ^PWCHAR;
  PPCHAR = ^PCHAR;


const
  LDAP_PORT              = 389;
  LDAP_SSL_PORT          = 636;

  LDAP_VERSION1          = 1;
  LDAP_VERSION2          = 2;
  LDAP_VERSION3          = 3;
  LDAP_VERSION          = LDAP_VERSION2;

  LDAP_BIND_CMD         = $60;  // application + constructed
  LDAP_UNBIND_CMD       = $42;  // application + primitive
  LDAP_SEARCH_CMD       = $63;  // application + constructed
  LDAP_MODIFY_CMD       = $66;  // application + constructed
  LDAP_ADD_CMD          = $68;  // application + constructed
  LDAP_DELETE_CMD       = $4a;  // application + primitive
  LDAP_MODRDN_CMD       = $6c;  // application + constructed
  LDAP_COMPARE_CMD      = $6e;  // application + constructed
  LDAP_ABANDON_CMD      = $50;  // application + primitive
  LDAP_SESSION_CMD      = $71;  // application + constructed
  LDAP_EXTENDED_CMD     = $77;  // application + constructed

  LDAP_RES_BIND          = $61;  // application + constructed
  LDAP_RES_SEARCH_ENTRY  = $64;  // application + constructed
  LDAP_RES_SEARCH_RESULT = $65;  // application + constructed
  LDAP_RES_MODIFY        = $67;  // application + constructed
  LDAP_RES_ADD           = $69;  // application + constructed
  LDAP_RES_DELETE        = $6b;  // application + constructed
  LDAP_RES_MODRDN        = $6d;  // application + constructed
  LDAP_RES_COMPARE       = $6f;  // application + constructed
  LDAP_RES_SESSION       = $72;  // application + constructed
  LDAP_RES_REFERRAL      = $73;  // application + constructed
  LDAP_RES_EXTENDED      = $78;  // application + constructed
  LDAP_RES_ANY           = -1;

  LDAP_INVALID_CMD        = $ff;
  LDAP_INVALID_RES        = $ff;

  LDAP_SUCCESS                   =  $00;
  LDAP_OPERATIONS_ERROR          =  $01;
  LDAP_PROTOCOL_ERROR            =  $02;
  LDAP_TIMELIMIT_EXCEEDED        =  $03;
  LDAP_SIZELIMIT_EXCEEDED        =  $04;
  LDAP_COMPARE_FALSE             =  $05;
  LDAP_COMPARE_TRUE              =  $06;
  LDAP_AUTH_METHOD_NOT_SUPPORTED =  $07;
  LDAP_STRONG_AUTH_REQUIRED      =  $08;
  LDAP_REFERRAL_V2                =  $09;
  LDAP_PARTIAL_RESULTS           =  $09;
  LDAP_REFERRAL                  =  $0a;
  LDAP_ADMIN_LIMIT_EXCEEDED      =  $0b;
  LDAP_UNAVAILABLE_CRIT_EXTENSION =  $0c;

  LDAP_NO_SUCH_ATTRIBUTE         =  $10;
  LDAP_UNDEFINED_TYPE            =  $11;
  LDAP_INAPPROPRIATE_MATCHING    =  $12;
  LDAP_CONSTRAINT_VIOLATION      =  $13;
  LDAP_ATTRIBUTE_OR_VALUE_EXISTS =  $14;
  LDAP_INVALID_SYNTAX            =  $15;

  LDAP_NO_SUCH_OBJECT            =  $20;
  LDAP_ALIAS_PROBLEM             =  $21;
  LDAP_INVALID_DN_SYNTAX         =  $22;
  LDAP_IS_LEAF                   =  $23;
  LDAP_ALIAS_DEREF_PROBLEM       =  $24;

  LDAP_INAPPROPRIATE_AUTH        =  $30;
  LDAP_INVALID_CREDENTIALS       =  $31;
  LDAP_INSUFFICIENT_RIGHTS       =  $32;
  LDAP_BUSY                      =  $33;
  LDAP_UNAVAILABLE               =  $34;
  LDAP_UNWILLING_TO_PERFORM      =  $35;
  LDAP_LOOP_DETECT               =  $36;

  LDAP_NAMING_VIOLATION          =  $40;
  LDAP_OBJECT_CLASS_VIOLATION    =  $41;
  LDAP_NOT_ALLOWED_ON_NONLEAF    =  $42;
  LDAP_NOT_ALLOWED_ON_RDN        =  $43;
  LDAP_ALREADY_EXISTS            =  $44;
  LDAP_NO_OBJECT_CLASS_MODS      =  $45;
  LDAP_RESULTS_TOO_LARGE         =  $46;
  LDAP_AFFECTS_MULTIPLE_DSAS     =  $47;

  LDAP_OTHER                     =  $50;
  LDAP_SERVER_DOWN               =  $51;
  LDAP_LOCAL_ERROR               =  $52;
  LDAP_ENCODING_ERROR            =  $53;
  LDAP_DECODING_ERROR            =  $54;
  LDAP_TIMEOUT                   =  $55;
  LDAP_AUTH_UNKNOWN              =  $56;
  LDAP_FILTER_ERROR              =  $57;
  LDAP_USER_CANCELLED            =  $58;
  LDAP_PARAM_ERROR               =  $59;
  LDAP_NO_MEMORY                 =  $5a;

type
  LDAP_RETCODE = integer;

const
  LDAP_AUTH_SIMPLE               = $80;
  LDAP_AUTH_SASL                 = $83;

  LDAP_AUTH_OTHERKIND            = $86;

  LDAP_AUTH_SICILY               =(LDAP_AUTH_OTHERKIND or $0200);

  LDAP_AUTH_MSN                  =(LDAP_AUTH_OTHERKIND or $0800);
  LDAP_AUTH_NTLM                 =(LDAP_AUTH_OTHERKIND or $1000);
  LDAP_AUTH_DPA                  =(LDAP_AUTH_OTHERKIND or $2000);
  LDAP_AUTH_SSPI                 =(LDAP_AUTH_OTHERKIND or $0400);

  LDAP_FILTER_AND        = $a0;   // context specific + constructed - SET OF Filters.
  LDAP_FILTER_OR         = $a1;   // context specific + constructed - SET OF Filters.
  LDAP_FILTER_NOT        = $a2;   // context specific + constructed - Filter
  LDAP_FILTER_EQUALITY   = $a3;   // context specific + constructed - AttributeValueAssertion.
  LDAP_FILTER_SUBSTRINGS = $a4;   // context specific + constructed - SubstringFilter
  LDAP_FILTER_GE         = $a5;   // context specific + constructed - AttributeValueAssertion.
  LDAP_FILTER_LE         = $a6;   // context specific + constructed - AttributeValueAssertion.
  LDAP_FILTER_PRESENT    = $87;   // context specific + primitive  - AttributeType.
  LDAP_FILTER_APPROX     = $a8;   // context specific + constructed - AttributeValueAssertion.

  LDAP_SUBSTRING_INITIAL = $80;  // class context specific
  LDAP_SUBSTRING_ANY     = $81;  // class context specific
  LDAP_SUBSTRING_FINAL   = $82;  // class context specific


  LDAP_DEREF_NEVER       = 0;
  LDAP_DEREF_SEARCHING   = 1;
  LDAP_DEREF_FINDING     = 2;
  LDAP_DEREF_ALWAYS      = 3;

  LDAP_NO_LIMIT      = 0;

  LDAP_OPT_DNS               = $00000001; // utilize DN & DNS
  LDAP_OPT_CHASE_REFERRALS   = $00000002; // chase referrals
  LDAP_OPT_RETURN_REFS       = $00000004; // return referrals to calling app

{$ALIGN ON}

type
  PLDAP = ^LDAP;
  LDAP = record

    ld_sb: record
      sb_sd: ULONG;
      Reserved1: array [0..(10*sizeof(ULONG))] of UCHAR;
      sb_naddr: ULONG;  // notzero implies CLDAP available
      Reserved2: array [0..(6*sizeof(ULONG))] of UCHAR;
    end;

    ld_host: PCHAR;
    ld_version: ULONG;
    ld_lberoptions: UCHAR;

    ld_deref: ULONG;

    ld_timelimit: ULONG;
    ld_sizelimit: ULONG;

    ld_errno: ULONG;
    ld_matched: PCHAR;
    ld_error: PCHAR;
    ld_msgid: ULONG;

    Reserved3: array [0..(6*sizeof(ULONG))] of UCHAR;

    ld_cldaptries: ULONG;
    ld_cldaptimeout: ULONG;
    ld_refhoplimit: ULONG;
    ld_options: ULONG;
  end;

  PLDAP_TIMEVAL = ^LDAP_TIMEVAL;
  LDAP_TIMEVAL = record
    tv_sec: LONG;
    tv_usec: LONG;
  end;

  PPLDAP_BERVAL = ^PLDAP_BERVAL;
  PLDAP_BERVAL = ^LDAP_BERVAL;
  LDAP_BERVAL = record
    bv_len: ULONG;
    bv_val: PCHAR;
  end;

  PPLDAPMessage = ^PLDAPMessage;
  PLDAPMessage = ^LDAPMessage;
  LDAPMessage = record
    lm_msgid: ULONG;            // message number for given connection
    lm_msgtype: ULONG;          // message type of the form LDAP_RES_xxx

    lm_ber: PVOID;              // ber form of message

    lm_chain: PLDAPMessage;     // pointer to next result value
    lm_next: PLDAPMessage;      // pointer to next message
    lm_time: ULONG;

    Connection: PLDAP;          // connection from which we received response
    Request: PVOID;             // owning request(opaque structure)
    lm_returncode: ULONG;       // server's return code
    lm_hopcount: USHORT;        // hop count for number of referrals followed
  end;

const
  LDAP_MOD_ADD           = $00;
  LDAP_MOD_DELETE        = $01;
  LDAP_MOD_REPLACE       = $02;
  LDAP_MOD_NOCHANGE      = $0F;
  LDAP_MOD_BVALUES       = $80;

type
  PLDAPMod = ^LDAPMod;
  LDAPMod = record
    mod_op: ULONG;
    mod_type: PCHAR;
    modv_strvals: array of PChar;
//    modvals: record
//      case integer of
//        0:(modv_strvals: ^PCHAR);
//        1:(modv_bvals: ^PLDAP_BERVAL);
//    end;
  end;

// XXX #pragma pack(pop)
{$ALIGN OFF}

//
//  macros compatible with reference implementation...
//

function LDAP_IS_CLDAP(ld: PLDAP): boolean;
function NAME_ERROR(n: integer): boolean;

function ldap_open(HostName: PCHAR; PortNumber: ULONG): PLDAP; cdecl;
function ldap_init(HostName: PCHAR; PortNumber: ULONG): PLDAP; cdecl;
function ldap_sslinit(HostName: PCHAR; PortNumber: ULONG; secure: integer): PLDAP; cdecl;

function cldap_open(HostName: PCHAR; PortNumber: ULONG): PLDAP; cdecl;

function ldap_unbind(ld: PLDAP): ULONG; cdecl;
function ldap_unbind_s(ld: PLDAP): ULONG; cdecl; // calls ldap_unbind

function ldap_get_option(ld: PLDAP; option: integer; outvalue: pointer): ULONG; cdecl;
function ldap_set_option(ld: PLDAP; option: integer; invalue: pointer): ULONG; cdecl;

const
  LDAP_OPT_DESC              = $01;
  LDAP_OPT_DEREF             = $02;
  LDAP_OPT_SIZELIMIT         = $03;
  LDAP_OPT_TIMELIMIT         = $04;
  LDAP_OPT_THREAD_FN_PTRS    = $05;
  LDAP_OPT_REBIND_FN         = $06;
  LDAP_OPT_REBIND_ARG        = $07;
  LDAP_OPT_REFERRALS         = $08;
  LDAP_OPT_RESTART           = $09;

  LDAP_OPT_IO_FN_PTRS        = $0a;
  LDAP_OPT_CACHE_FN_PTRS     = $0c;
  LDAP_OPT_CACHE_STRATEGY    = $0d;
  LDAP_OPT_CACHE_ENABLE      = $0e;
  LDAP_OPT_SSL               = $0f;
  LDAP_OPT_VERSION           = $10;
  LDAP_OPT_SORTKEYS          = $11;

//
//  These are new ones that we've defined, not in current RFC draft.
//

  LDAP_OPT_HOST_NAME         = $30;
  LDAP_OPT_ERROR_NUMBER      = $31;
  LDAP_OPT_ERROR_STRING      = $32;


  LDAP_OPT_ON                = pointer(1);
  LDAP_OPT_OFF               = pointer(0);

function ldap_simple_bind(ld: PLDAP; dn: PCHAR; passwd: PCHAR): ULONG; cdecl;
function ldap_simple_bind_s(ld: PLDAP; dn: PCHAR; passwd: PCHAR): ULONG; cdecl;
function ldap_bind(ld: PLDAP; dn: PCHAR; cred: PCHAR; method: ULONG): ULONG; cdecl;
function ldap_bind_s(ld: PLDAP; dn: PCHAR; cred: PCHAR; method: ULONG): ULONG; cdecl;

const
  LDAP_SCOPE_BASE        = $00;
  LDAP_SCOPE_ONELEVEL    = $01;
  LDAP_SCOPE_SUBTREE     = $02;
function ldap_search(
        ld:       PLDAP;
        base:     PCHAR;        // distinguished name or ""
        scope:    ULONG;        // LDAP_SCOPE_xxxx
        filter:   PCHAR;
        attrs:    PCHAR;        // pointer to an array of PCHAR attribute names
        attrsonly: ULONG         // boolean on whether to only return attr names
   ): ULONG; cdecl;
function ldap_search_s(
        ld:       PLDAP;
        base:     PCHAR;
        scope:    ULONG;
        filter:   PCHAR;
        attrs:    PCHAR;
        attrsonly: ULONG;
        res:      PPLDAPMessage
   ): ULONG; cdecl;
function ldap_search_st(
        ld:       PLDAP;
        base:     PCHAR;
        scope:    ULONG;
        filter:   PCHAR;
        attrs:    PCHAR;
        attrsonly: ULONG;
        timeout:  PLDAP_TIMEVAL;
        res:      PPLDAPMessage
   ): ULONG; cdecl;

function ldap_modify(ld: PLDAP; dn: PCHAR; mods: PLDAPMod): ULONG; cdecl;
function ldap_modify_s(ld: PLDAP; dn: PCHAR; mods: PLDAPMod): ULONG; cdecl;

function ldap_modrdn2(
    ExternalHandle:      PLDAP;
    DistinguishedName:   PCHAR;
    NewDistinguishedName: PCHAR;
    DeleteOldRdn:        INT
   ): ULONG; cdecl;
function ldap_modrdn(
    ExternalHandle:      PLDAP;
    DistinguishedName:   PCHAR;
    NewDistinguishedName: PCHAR
   ): ULONG; cdecl;
function ldap_modrdn2_s(
    ExternalHandle:      PLDAP;
    DistinguishedName:   PCHAR;
    NewDistinguishedName: PCHAR;
    DeleteOldRdn:        INT
   ): ULONG; cdecl;
function ldap_modrdn_s(
    ExternalHandle:      PLDAP;
    DistinguishedName:   PCHAR;
    NewDistinguishedName: PCHAR
   ): ULONG; cdecl;

function ldap_add(ld: PLDAP; dn: PCHAR; attrs: PLDAPMod): ULONG; cdecl; stdcall
function ldap_add_s(ld: PLDAP; dn: PCHAR; attrs: PLDAPMod): ULONG; cdecl;

function ldap_compare(ld: PLDAP; dn: PCHAR; attr: PCHAR; value: PCHAR): ULONG; cdecl;
function ldap_compare_s(ld: PLDAP; dn: PCHAR; attr: PCHAR; value: PCHAR): ULONG; cdecl;

function ldap_delete(ld: PLDAP; dn: PCHAR): ULONG; cdecl;
function ldap_delete_s(ld: PLDAP; dn: PCHAR): ULONG; cdecl;

function ldap_abandon(ld: PLDAP; msgid: ULONG): ULONG; cdecl;


const
  LDAP_MSG_ONE      = 0;
  LDAP_MSG_ALL      = 1;
  LDAP_MSG_RECEIVED = 2;

function ldap_result(
        ld:      PLDAP;
        msgid:   ULONG;
        all:     ULONG;
        timeout: PLDAP_TIMEVAL;
        res:     PPLDAPMessage
   ): ULONG; cdecl;

function ldap_msgfree(res: PLDAPMessage): ULONG; cdecl;

function ldap_result2error(
        ld:     PLDAP;
        res:    PLDAPMessage;
        freeit: ULONG            // boolean.. free the message?
   ): ULONG; cdecl;

function ldap_err2string(err: ULONG): PCHAR; cdecl;
procedure ldap_perror(ld: PLDAP; msg: PCHAR); cdecl;

function ldap_first_entry(ld: PLDAP; res: PLDAPMessage): PLDAPMessage; cdecl;
function ldap_next_entry(ld: PLDAP; entry: PLDAPMessage): PLDAPMessage; cdecl;
function ldap_count_entries(ld: PLDAP; res: PLDAPMessage): ULONG; cdecl;

type
  PBerElement = ^BerElement;
  BerElement = record
    opaque: PCHAR;     // this is an opaque structure used just for
                        // compatibility with reference implementation
  end;

const
  NULLBER = PBerElement(0);

function ldap_first_attribute(
        ld:     PLDAP;
        entry:  PLDAPMessage;
        var ptr: PBerElement
       ): PCHAR; cdecl;

function ldap_next_attribute(
        ld:     PLDAP;
        entry:  PLDAPMessage;
        ptr:    PBerElement
       ): PCHAR; cdecl;

function ldap_get_values(
        ld:     PLDAP;
        entry:  PLDAPMessage;
        attr:   PCHAR
       ): PPCHAR; cdecl;

function ldap_get_values_len(
    ExternalHandle:  PLDAP;
    Message:         PLDAPMessage;
    attr:            PCHAR
   ): PPLDAP_BERVAL; cdecl;

function ldap_count_values(vals: PPCHAR): ULONG; cdecl;

function ldap_count_values_len(vals: PPLDAP_BERVAL): ULONG; cdecl;
function ldap_value_free(vals: PPCHAR): ULONG; cdecl;
function ldap_value_free_len(vals: PPLDAP_BERVAL): ULONG; cdecl;
function ldap_get_dn(ld: PLDAP; entry: PLDAPMessage): PCHAR; cdecl;
function ldap_explode_dn(dn: PCHAR; notypes: ULONG): PPCHAR; cdecl;
function ldap_dn2ufn(dn: PCHAR): PCHAR; cdecl;
procedure ldap_memfree(Block: PCHAR); cdecl;
function ldap_ufn2dn(ufn: PCHAR; pDn: PPCHAR): ULONG; cdecl;

const
  LBER_USE_DER           = $01;
  LBER_USE_INDEFINITE_LEN = $02;
  LBER_TRANSLATE_STRINGS = $04;

  LAPI_MAJOR_VER1     = 1;
  LAPI_MINOR_VER1     = 1;

type
  PLDAP_VERSION_INFO = ^LDAP_VERSION_INFO;
  LDAP_VERSION_INFO = record
     lv_size: ULONG;
     lv_major: ULONG;
     lv_minor: ULONG;
  end;

function ldap_startup(
    version: PLDAP_VERSION_INFO
   ): ULONG; cdecl;


function ldap_cleanup : ULONG; cdecl;


function ldap_escape_filter_element(
   sourceFilterElement: PCHAR;
   sourceLength:        ULONG;
   destFilterElement:   PCHAR;
   destLength:          ULONG
  ): ULONG; cdecl;

function ldap_set_dbg_flags(NewFlags: ULONG): ULONG; cdecl;


implementation

uses LDAP_Test_Main, uLDAP;
{$IFDEF LINUX}
const
  sLDAPLIB = 'libldapssl41.so';
{$ENDIF}

{$IFDEF WIN32}
const
  sLDAPLIB = 'wldap32.dll';
{$ENDIF}

function ldap_open; external sLDAPLIB name 'ldap_open';
function ldap_init; external sLDAPLIB name 'ldap_init';
function ldap_sslinit; external sLDAPLIB name 'ldap_sslinit';
function cldap_open; external sLDAPLIB name 'cldap_open';
function ldap_simple_bind; external sLDAPLIB name 'ldap_simple_bind';
function ldap_simple_bind_s; external sLDAPLIB name 'ldap_simple_bind_s';
function ldap_bind; external sLDAPLIB name 'ldap_bind';
function ldap_bind_s; external sLDAPLIB name 'ldap_bind_s';
function ldap_search; external sLDAPLIB name 'ldap_search';
function ldap_search_s; external sLDAPLIB name 'ldap_search_s';
function ldap_search_st; external sLDAPLIB name 'ldap_search_st';
function ldap_modify; external sLDAPLIB name 'ldap_modify';
function ldap_modify_s; external sLDAPLIB name 'ldap_modify_s';
function ldap_modrdn2; external sLDAPLIB name 'ldap_modrdn2';
function ldap_modrdn; external sLDAPLIB name 'ldap_modrdn';
function ldap_modrdn2_s; external sLDAPLIB name 'ldap_modrdn2_s';
function ldap_modrdn_s; external sLDAPLIB name 'ldap_modrdn_s';
function ldap_add; external sLDAPLIB name 'ldap_add';
function ldap_add_s; external sLDAPLIB name 'ldap_add_s';
function ldap_compare; external sLDAPLIB name 'ldap_compare';
function ldap_compare_s; external sLDAPLIB name 'ldap_compare_s';
function ldap_delete; external sLDAPLIB name 'ldap_delete';
function ldap_delete_s; external sLDAPLIB name 'ldap_delete_s';
function ldap_err2string; external sLDAPLIB name 'ldap_err2string';
function ldap_first_attribute; external sLDAPLIB name 'ldap_first_attribute';
function ldap_next_attribute; external sLDAPLIB name 'ldap_next_attribute';
function ldap_get_values; external sLDAPLIB name 'ldap_get_values';
function ldap_get_values_len; external sLDAPLIB name 'ldap_get_values_len';
function ldap_count_values; external sLDAPLIB name 'ldap_count_values';
function ldap_value_free; external sLDAPLIB name 'ldap_value_free';
function ldap_get_dn; external sLDAPLIB name 'ldap_get_dn';
function ldap_explode_dn; external sLDAPLIB name 'ldap_explode_dn';
function ldap_dn2ufn; external sLDAPLIB name 'ldap_dn2ufn';
procedure ldap_memfree; external sLDAPLIB name 'ldap_memfree';
function ldap_unbind; external sLDAPLIB name 'ldap_unbind';
function ldap_unbind_s; external sLDAPLIB name 'ldap_unbind_s';
function ldap_get_option; external sLDAPLIB name 'ldap_get_option';
function ldap_set_option; external sLDAPLIB name 'ldap_set_option';
function ldap_abandon; external sLDAPLIB name 'ldap_abandon';
function ldap_ufn2dn; external sLDAPLIB name 'ldap_ufn2dn';
function ldap_escape_filter_element; external sLDAPLIB name 'ldap_escape_filter_element';
function ldap_result; external sLDAPLIB name 'ldap_result';
function ldap_msgfree; external sLDAPLIB name 'ldap_msgfree';
function ldap_result2error; external sLDAPLIB name 'ldap_result2error';
procedure ldap_perror; external sLDAPLIB name 'ldap_perror';
function ldap_first_entry; external sLDAPLIB name 'ldap_first_entry';
function ldap_next_entry; external sLDAPLIB name 'ldap_next_entry';
function ldap_count_entries; external sLDAPLIB name 'ldap_count_entries';
function ldap_count_values_len; external sLDAPLIB name 'ldap_count_entries_len';
function ldap_value_free_len; external sLDAPLIB name 'ldap_value_free_len';
function ldap_startup; external sLDAPLIB name 'ldap_startup';
function ldap_cleanup; external sLDAPLIB name 'ldap_cleanup';
function ldap_set_dbg_flags; external sLDAPLIB name 'ldap_set_dbg_flags';

function LDAP_IS_CLDAP(ld: PLDAP): boolean;
begin
  Result :=(ld^.ld_sb.sb_naddr > 0);
end;

function NAME_ERROR(n: integer): boolean;
begin
  Result :=((n and $f0) = $20);
end;

end.