Thanks a lot - that's all helpful. But I have no control over the client's LDAP attributes so I'm stuck with their naming convention (which is inconsistent). And the username / pasword set they gave me, which works to log onto their intranet, doesn't work in a CFLDAP query. I think I'll try each of the name attributes mentioned in one of the responses above as the username in the authentication (second) CFLDAP query - I'll retrieve them from the first query that confirms that the username is present in their name server, and substitute one at a time (e.g. username="#sAMAccountName#" etc). Maybe that will find one that works with the assigned password. This is frustrating, to say the least!
Best regards to all - David >Or use the userPrincipalName of [EMAIL PROTECTED] > >I would suggest that each of you create an object dumper page that >outputs all of the Active Directory variables for users. > >Then, compare the following attributes: >cn >distinguishedName >name >sAMAccountName >userPrincipalName > >In our directory, we ensure that all of these values are consistent. > >In other words, for my user: >cn = md40 >distinguishedName = CN=md40,OU=.... >name = md40 >sAMAccountName = md40 >userPrincipalName = [EMAIL PROTECTED] > >This consistency is very helpful, but may not be possible in your >installation. > >I spend several days manually renaming accounts so that they matched our >current style of usernames. It was time well spent. > >m!ke > >attributes > >OK, I got it to work. It was the user name. It is wierd. My login >account is nstein, but cn is Nick Stein, so I have to use the latter in >my CFLDAP. > >Here is the code that works: > ><cfldap action="QUERY" > name="GetUserInfo" > attributes="givenName,sn,cn,name,dn" > start="DC=codagenomics,DC=net" > scope="subtree" > filter="(&(objectClass=user)(objectCategory=Person)(cn=Nick Stein))" > server="192.168.xxx.xxx" > username="Nick Stein" > password="Wolfst93" >> ><cfdump expand="yes" var="#GetUserInfo#" /> > >and it dumps 1 record. If I remove the (cn=Nick Stein), it dumps all >the records for the user category. > >this thread... >http://forum.java.sun.com/thread.jspa?messageID=4227692 >mentioned the fact that a 525 error is "user not found". That got me on >the trail of checking the cn value, which I assumed (and we all know >what that does) it was the same as my login ID. > >Nick Stein ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:301063 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
