What LDAP server are you using, Active Directory or something else?

You shouldn't need to query the password attribute.

If you are using Active Directory, you only need one CFLDAP tag.  Just
pass in the username as "domain\user" or "[EMAIL PROTECTED]".  AD will let
any domain user query the directory and you don't need to use the
distinguishedName for the username.

Novell, however, requires the username to be similar to
"cn=mdawson,o=company".  Those types of directories require two CFLDAP
queries, of course, where the first query retrieves the
distinguishedName and the second query attempts to authenticate the
user.

You should be able to match on most any attributes.  Make sure you start
with a very simple filter.  "sAMAccountName=mdawson" or
"givenName=Michael".

However, if you are unsure what the values are, just query them using
CFLDAP and output them.  Set your CFLDAP ATTRIBUTES =
"givenName,sn,cn,name,dn".

I would avoid using an asterisk to select all attributes.  It doesn't
work well with multi-value attributes such as "memberOf".

Post your code, if you can, and we will take a look.

m!ke

-----Original Message-----
From: david reiter [mailto:[EMAIL PROTECTED] 
Sent: Thursday, February 28, 2008 8:08 PM
To: CF-Talk
Subject: CFLDAP problem

I'm having a difficult time with a client's LDAP server. I'm using the
routine 2-query CFLDAP auth scheme that first confirms the username on
the nameserver using admin creds, then matches the username and password
using the user's creds. The code works fine on multiple other instances.
But I can't query one client's LDAP server beyond matching the username
via the filter. When I add the password, even without any other
attributes as filter="(unicode_Pwd=#FORM.userlogin#)", the query won't
execute. I can't query at all via basic security / port 636, and using
the unsecured default port acts as above.

I am also unable to match on attributes their admin swears are correct.
I can pull some (e.g. cn, firstName, givenName) but not others (e.g.
samaccountName). And I'm at the limits of my CFLDAP experience and
knowledge. The client seems not to have anyone with expert knowledge
of their LDAP server.  Any ideas would be greatly appreciated.

Thanks!

David
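
The two-query flow described in the reply above, as an added example that is not part of either message: the first query finds the distinguishedName with a lookup account, the second binds as the user, and the password never appears in a filter. The server name, base DN, lookup account, `application.ldapLookupPassword`, the form field names and the `ldapEscape` helper are assumptions for illustration.

```cfml
<!--- Added example; host, DNs, lookup account and form fields are hypothetical. --->
<cffunction name="ldapEscape" returntype="string" output="false">
    <cfargument name="value" type="string" required="true">
    <!--- RFC 4515 filter escaping: backslash first, then * ( ) --->
    <cfset var s = replace(arguments.value, "\", "\5c", "all")>
    <cfset s = replace(s, "*", "\2a", "all")>
    <cfset s = replace(s, "(", "\28", "all")>
    <cfset s = replace(s, ")", "\29", "all")>
    <cfreturn s>
</cffunction>

<cfset authenticated = false>
<!--- Refuse empty credentials: some directory servers accept a DN with an
      empty password as an unauthenticated (anonymous) bind, which would
      otherwise look like a successful login. --->
<cfif len(trim(form.username)) and len(form.password)>
    <cftry>
        <!--- Query 1: the lookup account retrieves the user's DN. --->
        <cfldap action="query" name="findUser"
                server="ldap.example.com" port="636" secure="CFSSL_BASIC"
                username="cn=svc-lookup,o=company"
                password="#application.ldapLookupPassword#"
                start="o=company" scope="subtree"
                filter="(cn=#ldapEscape(trim(form.username))#)"
                attributes="dn" maxrows="2">

        <!--- Require exactly one match so an ambiguous name cannot log in. --->
        <cfif findUser.recordCount eq 1>
            <!--- Query 2: bind as the user. The directory checks the password;
                  a failed bind throws and lands in cfcatch. --->
            <cfldap action="query" name="bindCheck"
                    server="ldap.example.com" port="636" secure="CFSSL_BASIC"
                    username="#findUser.dn#" password="#form.password#"
                    start="#findUser.dn#" scope="base"
                    filter="(objectClass=*)" attributes="dn">
            <cfset authenticated = true>
        </cfif>

        <cfcatch type="any">
            <!--- Bind failure or connection error: treat both as "not logged in". --->
            <cfset authenticated = false>
        </cfcatch>
    </cftry>
</cfif>
```

For Active Directory, the single-tag variant from the reply keeps only the second query, with the username passed in "domain\user" form.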

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:300172