It depends on your LDAP server. It appears that you are not using
Active Directory due to the way you have handled your start and username
attributes. AD allows any domain user to query the directory.
Other servers, such as Novell DS, may require you to first query the
directory for the DN of
There are three types of binds that a LDAP server can be configured for:
1. anonymous - the tree is world readable, so no credentials are checked,
and your search has all of the rights granted to anonymous
2. user bind - the user authenticates against the tree, and has rights
granted based upon
AD is closest to #2 in your list.
Mike
-Original Message-
From: Shannon Peevey [mailto:[EMAIL PROTECTED]
Sent: Friday, October 24, 2008 8:54 AM
To: cf-talk
Subject: Re: Proper Authentication with CFLDAP?
There are three types of binds that a LDAP server can be configured for:
1
Yes, this would let you know that they are authenticated. It assumes that
you LDAP server allows users to read from the tree. I'm not sure about using
the full DN to the object with the start key. I always use the people
container. Here is my example:
cfldap name=authenticate
4 matches
Mail list logo
