I have never seen a option to return nested groups. AD/LDAP will only return the first level of group membership.
If you need group membership recursion, you will need to roll your own. However, watch out for circular references. It is possible to nest two groups inside each other. AD allows the following example: Group1 is a member of Group2 Group2 is a member of Group1 One option would be to have another CFLDAP page "crawl" all groups in the entire directory and store all member information in a application-based query. You could then use QoQ which would be faster than many LDAP queries. Or, have the "crawler" break down the hierarchy so that it works the way you need. m!ke -----Original Message----- From: Ian Skinner [mailto:[EMAIL PROTECTED] Sent: Friday, May 23, 2008 12:52 PM To: CF-Talk Subject: SOT: Active Directory LDAP question. I'm consuming Active Directory LDAP data with a <CFLDAP...> tag. But I believe my question is more on the MS Active Directory side the <CFLDAP...> side. We are using this information for program access based on what groups of which a user is a member. This works well with users that are directly a member of a group. But it is failing when a user is a member of a group that itself is a member of another group. When I last did work like this, I thought this scenario worked as desired, with the <cfldap...> call return all groups a user is a member of whether directly or indirectly through other groups. Is this something configurable in Active Directory to return all these groups, even nested groups? Or am I going to have to create logic that loops through all groups returned by a user call and see if those groups are members of other groups which could be members of other groups, ect? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;192386516;25150098;k Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:305957 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
