Thanks Steve, Yeah it's Active Directory not Novell.
I thought they might be attributes, once I know what my schema looks like then I can use my own, and my guess the connection error is because I don't know my "start" info right??? I've got all my other details - server location, port and my sys admin advised I've got read access to this ldap, but won't it be Cold Fusion that will need read access?? If I place my username/password details in the cfldap tag even as an application variable, I need to change my password every 40 days it'll be a pain in the arse to update. Should I be requesting for a generic username/password that won't expire?? Matty -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, 25 March 2003 2:07 PM To: CFAussie Mailing Li Subject: [cfaussie] RE: CFLDAP Matt, Cn, ou, o etc. are just other attributes you may or may not have available to you once you query ldap. Cn is usually "common name", o is "organisation" etc. So when you do an ldap query with the attribute "*", it is likely that your query object will contain a column named "cn" that will contain something like "Steve Clifton" or "Matt Hickman" etc. What directory are you querying? Is it Active Directory or Novell Directory Service? The example I gave you was for NDS. Below is an ldap query for AD. You might need to set up a user that has rights to access AD. Also note the "start" attribute used in the tag... You will need to find this out from your sysadmin, and is very important. This tells ldap where to start looking for the data you want, and is a similar concept to the file path of a directory structure. <cfldap action="QUERY" name="getstuff" attributes="*" start="cn=username,ou=staff,dc=mail" scope="SUBTREE" server="172.16.x.xxx" username="cn=adminuser,ou=staff,dc=mail" password="password"> So this is an ldap query named "getstuff". It will return all attributes from the record (same as SQL select * from table). It will search for a cn of "username" in the mail\staff\ folder of AD, and the scope of "subtree" means it will also search all sub folders of the staff folder. The server is an IP address, but may also be a host name such as vodaphone.com.au, while the username and password are hardcoded with the username and password of an account with rights to AD. This is my simplistic way (don't know any other way) of looking at it. Hope it helps. Steve -----Original Message----- From: Hickman, Matt [mailto:[EMAIL PROTECTED] Sent: Tuesday, 25 March 2003 1:32 PM To: CFAussie Mailing List Subject: [cfaussie] RE: CFLDAP Thanks Steve shall try this. I've got some connection problems I'm getting "cannot connect to ldap" or something similar. So I'm doublechecking with adminstrators. Once I connect then I'll check what attributes now using the "*". Cool. But in many examples I've seen the "cn=, ou=, o=" What do all these mean?? Thanx -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, 25 March 2003 12:12 PM To: CFAussie Mailing List Subject: [cfaussie] RE: CFLDAP Matt, Sorry... If you are wanting to figure out the attributes you have available to you, the "attributes" attribute should be "*". My example would only dump the givenName and sn in the example I sent earlier. Ie. <cfldap action="QUERY" name="getstuff" attributes="*" start="cn=#form.username#,ou=Users,ou=Staff,ou=Kew,o=xyz" scope="SUBTREE" server="xxx.xx.x.x"> <cfdump var="#getstuff#"> Should give you the lot. Steve -----Original Message----- From: Clifton Steve Sent: Tuesday, 25 March 2003 12:06 PM To: CFAussie Mailing List Subject: [cfaussie] RE: CFLDAP Yes... <cfldap action="QUERY" name="getstuff" attributes="givenName, sn" start="cn=#form.username#,ou=Users,ou=Staff,ou=Kew,o=xyz" scope="SUBTREE" server="xxx.xx.x.x"> <cfdump var="#getstuff#"> To test the connection, wrap cftry around it and catch and dump any errors. steve -----Original Message----- From: Hickman, Matt [mailto:[EMAIL PROTECTED] Sent: Tuesday, 25 March 2003 11:32 AM To: CFAussie Mailing List Subject: [cfaussie] CFLDAP Hi all, Just trying to connect to LDAP using <CFLDAP> tag. Was wondering how I can dump the scope of this tag using <cfdump>??? Can I do so?? I'm trying to figure out the attributes I've got to work with to help build my future authentication/personalisation bits. Also how can I test the connection?? Matt ********************************************************************** A new world of colour, sound and pictures awaits you: Vodafone Live! More details at http://www.vodafone.com.au/live/ **********************************************************************" This correspondence is for the named person's use only. It may contain confidential or legally privileged information or both. " No confidentiality or privilege is waived or lost by any " mistransmission. If you receive this correspondence in error, please immediately delete it from your system and notify the sender. You must not disclose, copy or rely on any part of this correspondence if you are not the intended recipient. Any views expressed in this message are those of the individual sender, except where the sender expressly, and with authority, states them to be the views of Vodafone. This email has been checked for viruses. ************************************************************************ ********************** --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/ --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/ --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/ ********************************************************************** A new world of colour, sound and pictures awaits you: Vodafone Live! More details at http://www.vodafone.com.au/live/ **********************************************************************" This correspondence is for the named person's use only. It may contain confidential or legally privileged information or both. " No confidentiality or privilege is waived or lost by any " mistransmission. If you receive this correspondence in error, please immediately delete it from your system and notify the sender. You must not disclose, copy or rely on any part of this correspondence if you are not the intended recipient. Any views expressed in this message are those of the individual sender, except where the sender expressly, and with authority, states them to be the views of Vodafone. This email has been checked for viruses. ************************************************************************ ********************** --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/ --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/ --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/
