Skip to main content
C
coolidge
Known Participant
April 27, 2009
Question

help with cfldap

  • April 27, 2009
  • 1 reply
  • 1957 views

Hello - I'm trying to display the results of an LDAP query of Active Directory on a Web page.  Here is the query:

<cfldap action="QUERY"
name="getResults"
attributes="dn"
start="dc=domain,dc=com"
filter="(&(objectclass=user)(name=abc))"
server="theServer"
username="abc"
password="MyPassword"
separator=";"
scope="subtree">

This query authenticates to AD, but it does not return any records.  All attributes appear to be correct.  The query does not throw errors; it simply returns 0 records when I know there should be at least one.  I would greatly appreciate any suggestions anyone might have.  Thank you!!

This topic has been closed for replies.

1 reply

ilssac
ilssac
Inspiring
April 27, 2009

Try scope="oneLevel" first.  I've had a lot of trouble with 'subTree' where your username and account have permission to the parent level, but not to some node in the child levels and thus the entire request is rejected.

Also I find the LDAP browser from Softerra to be very helpful to explore and develope the LDAP syntax for my <cfldap...> tags.


It is free from: http://www.softerra.com/download.htm

C
coolidgeAuthor
Known Participant
April 28, 2009

That helped...thank you, Ian.  My LDAP query now returns records.  I'd like to take it one step further and return members of an AD group.  Again, the LDAP query I have returns 0 records - it should return 200 or so.  Here it is:

<cfldap action="QUERY"
name="getResults"
attributes="givenName"
start="DC=MyCompany,DC=com"
filter="(&(objectclass=Person)(memberOf=DN=GroupName,OU=MyOU,DC=MyCompany,DC=com))"
server="ServerName"
username="UserName"
password="MyPassword"

scope="subtree"
delimiter="chr(9)">

I used this page as a guide: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:55298

Does the query look right?  Thanks again for your help.

ilssac
ilssac
Inspiring
April 28, 2009

I would start with something like this.

attributes="*"

filter = "(CN=PUR ITB Staff,OU=ITB Users,OU=I will not share the rest)"

A group is just another node leaf that you query just like you where doing before.  When you dump the resuting record set of the <cfldap...> tag it will have a column|property named 'MembersOf" which is a nested list of Distinguished names of all the members of that group.  You can parset that list directly from the record set or you can tell <cfldap...> to just get that property with attributes="memberOf" which then CF will break the list up for you IIRC.

HTH

Ian

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices