The next thing to check is if the admins have denied the ability to
query the directory.  They would be the only ones to tell you that.

Or, if you have admin access, you can open Active Directory Users &
Computers and check the permissions of the domain root level.
(Right-click, Properties, Security)  See if domain users have been
denied any type of access to attributes or querying the directory.

By default, all users can query the directory, but I'm pretty sure this
can be changed.

When you try the CFLDAP code that fails, catch the exception and display
the error message and details.  It may give you a clue.  You should get
something such as NOT_WILLING_TO_RESPOND.

m!ke 

-----Original Message-----
From: david reiter [mailto:[EMAIL PROTECTED]]
Sent: Sunday, March 09, 2008 8:44 PM
To: CF-Talk
Subject: Re: CFLDAP finds cn but can't find password or certain
attributes

Thanks, Michael.  

I don't think the syntax is the problem because it works when I replace
#FORM.UserLogin# with the admin account username and #FORM.UserPassword#
with the admin password.  I assume it's an AD because the password name
is unicodePwd - their admin isn't sure (believe it or not).  I gather
client IS departments aren't always fully cooperative with vendors.

You're right - I don't need to know the user's password, I just need to
authenticate with it.  But even the simple CFLDAP query that retrieves
the cn won't execute if I use the user's credentials - it only works if
I use the administrative name and pw.

I tried a single query as you suggest, and it throws an error every
time, citing the line with password="#FORM.UserPassword#" as the error
source in the CFLDAP query.

This works:

<cfldap action="QUERY"
                        name="find_user"
                        start="DC=XXX,DC=XXXX,DC=XXX"
                        attributes="cn,givenName,sn,department"
                        scope="subtree"
                        filter="cn=#FORM.UserLogin#"
                        server="[server IP address]"
                        username="[admin account name]"
                        password="[admin password]">   

This doesn't:

<cfldap action="QUERY"
                        name="authenticate"
                        start="DC=XXX,DC=XXXX,DC=XXX"
                        attributes="cn,givenName,sn,department"
                        scope="subtree"
                        filter="cn=#FORM.UserLogin#"
                        server="[server IP address]"
                        username="#FORM.UserLogin#"
                        password="#FORM.UserPassword#"> 

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:300858
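
Added example, not code from either poster: the user-credential query from the thread wrapped in cftry/cfcatch so the bind error message and detail are recorded, with the form value escaped before it goes into the LDAP filter and an empty password refused before any bind. The names ldapEscapeFilter, authenticated, authError and the log file ldap_auth are hypothetical; the server and base DN are the thread's own placeholders.

```cfml
<!--- Hypothetical helper: escape LDAP filter metacharacters (RFC 4515).
      The backslash is escaped first so later escapes are not doubled. --->
<cffunction name="ldapEscapeFilter" returntype="string" output="false">
    <cfargument name="value" type="string" required="true">
    <cfset var s = arguments.value>
    <cfset s = replace(s, "\", "\5c", "all")>
    <cfset s = replace(s, "*", "\2a", "all")>
    <cfset s = replace(s, "(", "\28", "all")>
    <cfset s = replace(s, ")", "\29", "all")>
    <cfreturn s>
</cffunction>

<cfset authenticated = false>
<cfset authError = "">

<cfif len(FORM.UserPassword) EQ 0
      OR len(trim(FORM.UserLogin)) EQ 0
      OR REFind("[[:cntrl:]]", FORM.UserLogin)>
    <!--- A simple bind with a name and an empty password is an
          "unauthenticated bind" (RFC 4513) that some directory servers
          accept, so it is rejected here and never sent. Control
          characters in the login are rejected rather than escaped. --->
    <cfset authError = "Missing or invalid credentials">
<cfelse>
    <cftry>
        <!--- Same query as in the thread, bound with the user's own
              credentials; only the filter value is changed (escaped). --->
        <cfldap action="QUERY"
                name="authenticate"
                start="DC=XXX,DC=XXXX,DC=XXX"
                attributes="cn,givenName,sn,department"
                scope="subtree"
                filter="(cn=#ldapEscapeFilter(FORM.UserLogin)#)"
                server="[server IP address]"
                username="#FORM.UserLogin#"
                password="#FORM.UserPassword#">
        <!--- The bind succeeded; require exactly one matching entry. --->
        <cfset authenticated = (authenticate.recordCount EQ 1)>
        <cfcatch type="any">
            <!--- Record the server's reason for the admin; the password
                  is never written and the user sees a generic message. --->
            <cflog file="ldap_auth" type="warning"
                   text="LDAP bind/query failed: #cfcatch.message# | #cfcatch.detail#">
            <cfset authError = "Login failed">
        </cfcatch>
    </cftry>
</cfif>
```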