Ian, sorry it took so long to reply. If you already figured this out, please ignore. ;-)
You need to use the "DN" attribute of the CFLDAP tag to select a single AD object. You are not able to use the "ATTRIBUTES" attribute of the CFLDAP tag because you must use that attribute to set the new values. If you need to modify multiple objects, you will need to do an initial CFLDAP call to retrieve the DNs that need to be modified. Then, you would CFLOOP over that query and perform a CFLDAP for each loop. I don't know of any way to modify multiple objects using LDAP other than looping. M!ke -----Original Message----- From: Ian Vaughan [mailto:[EMAIL PROTECTED] Sent: Friday, February 03, 2006 8:39 AM To: CF-Talk Subject: RE: Coldfusion and Active Directory That worked thanks !! Just one more small point, I need to create a web form that will allow certain users based on their permissions to update/modify the user information stored in the AD. In the ldap attributes of the modify what is the LDAP equivalent of the SQL Where clause ? I.E. If I wanted to update a users details how would the AD know which user record I would be referring to ? The sAMAccountName would be the unique field equivalent to a primary key in a database table <cfldap username="#ldap_user#" password="#ldap_password#" action="modify" server="#ldap_server" modifyType="replace" delimiter=";" dn="CN=AD-SOME-GROUP;OU=Groups;OU=SOME;dc=ads;dc=somedomain;dc=com" attributes= "sAMAccountName=form.sAMAccountName, sn=form.sn,givenName=form.givenName"> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:231662 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
