Is the working admin username just a name like "admin" or a DN like cn=admin,dc=something...?
On Tue, Mar 11, 2008 at 11:35 AM, david reiter <[EMAIL PROTECTED]> wrote: > Hi - > > The error message (which occurred in the line reading > filter="cn=#FORM.UserLogin#") is below: > > Authentication failed:[LDAP: error code 49 - 80090308: LdapErr: > DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ] > > Does this help identify the problem? > > Thanks very much! > > David > > > >The next thing to check is if the admins have denied the ability to > >query the directory. They would be the only ones to tell you that. > > > >Or, if you have admin access, you can open Active Directory Users & > >Computers and check the permissions of the domain root level. > >(Right-click, Properties, Security) See if domain users have been > >denied any type of access to attributes or querying the directory. > > > >By default, all users can query the directory, but I'm pretty sure this > >can be changed. > > > >When you try the CFLDAP code that fails, catch the exception and display > >the error message and details. It may give you a clue. You should get > >something such as NOT_WILLING_TO_RESPOND. > > > >m!ke > > > > > >attributes > > > >Thanks, Michael. > > > >I don't think the syntax is the problem because it works when I replace > >#FORM.UserLogin# with the admin account username and #FORM.UserPassword# > >with the admin password. I assume it's an AD because the password name > >is unicodePwd - their admin isn't sure (believe it or not). I gather > >client IS departments aren't always fully cooperative with vendors. > > > >You're right - I don't need to know the user's password, I just need to > >authenticate with it. But even the simple CFLDAP query that retrieves > >the cn won't execute if I use the user's credentials - it only works if > >I use the administrative name and pw. > > > >I tried a single query as you suggest, and it throws an error every > >time, citing the line with password="#FORM.UserPassword#" as the error > >source in the CFLDAP query. > > > >This works: > > > ><cfldap action="QUERY" > > name="find_user" > > start="DC=XXX,DC=XXXX,DC=XXX" > > attributes="cn,givenName,sn,department" > > scope="subtree" > > filter="cn=#FORM.UserLogin#" > > server="[server IP address]" > > username="[admin account name]" > > password="[admin password]"> > > > >This doesn't: > > > ><cfldap action="QUERY" > > name="authenticate" > > start="DC=XXX,DC=XXXX,DC=XXX" > > attributes="cn,givenName,sn,department" > > scope="subtree" > > filter="cn=#FORM.UserLogin#" > > server="[server IP address]" > > username="#FORM.UserLogin#" > > password="#FORM.UserPassword#"> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:300916 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
