Active Directory

[Ray Hamann]

I need to use CFLDAP to match a form submitted username and password to Active Directory not knowing what OU's the user may be in. I have to use a special account to bind to AD with so the username and password attributes are already utilized. I can successfully pull back a users information using the code below, however, I must know the entire OU already, as there doesn't seem to be a wildcard search, AND, I can not filter on username and password.

This works:

cfldap name="authenticate"
server="myschoolsad.edu"
action=""
attributes="cn,sn,givenName,mail" start="OU=department,OU=group,DC=branch,DC=ad,DC=school,DC=edu"
filter="cn=JohnSmith"                    
sort="sn"
sortcontrol="nocase"
maxrows="100"
username="bindAccountUsername"
password="bindAccountPassword"

However, I can not drop the OU references from the start or it fails and I can not add a filter like:

(&(cn=#attributes.username#)(Password=#attributes.password

Is anyone doing this or can anyone offer a possible direction.

---

[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]

---