I figured it out, somewhat.
In CFLDAP, the START attribute must be the distinguishedName of the
object you want to inspect. The SCOPE must be set to BASE.
Here is a working example (add your server and authentication info):
<cfldap
action = "query"
name = "ldapResults"
start = "CN=md40,OU=Employees,DC=domain,DC=com"
scope = "base"
attributes =
"sAMAccountName,distinguishedName,givenName,sn,tokenGroups"
filter =
"(&(objectCategory=Person)(sAMAccountName=md40))"
separator = "|"
returnasbinary = "tokenGroups"
delimiter = "|"
server = "server.domain.com"
port = "389"
username = "[email protected]"
password = "password">
<p><cfdump var="#ldapResults#" label=""></p>
The solution was on pg 138 (gray callout) in:
http://books.google.com/books?id=kGApqjobEfsC&pg=PA395&lpg=PA395&dq=acti
ve+directory+error+retrieving+tokengroups&source=bl&ots=p4psZeMSO5&sig=1
Lzo_7Jiyv_JD65mmwDKT5ihs5o&hl=en&ei=HRCoSfiyHJDMnQeww7jrDw&sa=X&oi=book_
result&resnum=5&ct=result#PPA138,M1
Now, I can access the binary output of the tokenGroups attributes. What
the heck do I do with it now? :^O
Thanks,
Mike
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;207172674;29440083;f
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:319910
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
