Well, as I suspected you can't use "*" for attributes because it exceeds the
size limit for queries of Active Directory so I basically dropped it to "cn"
only:
<cftry>
<cfldap action="query"
name="getCN"
attributes="cn"
start="dc=mydomain,dc=org"
filter="(&(objectclass=user))"
server="dc1"
username="[email protected]"
password="password"
separator=";">
<cfcatch type="ANY">
<cfoutput>#cfcatch#</cfoutput>
</cfcatch>
<cfdump var="#variables.getCN#">
<cfset queryRan="Yes">
<cfoutput>#queryRan#</cfoutput>
</cftry>
Of course I'm getting no cfcatch output because the cfldap query is running
but returning nothing. Running this same query from Adobe CF returns the
1000 row limit from Active Directory as expected.
On Wed, Jan 28, 2009 at 3:35 PM, Paul Bonfanti <[email protected]> wrote:
> There shouldn't be but there could be a bug in OpenBD with how it handles
> the attributes or filter attribute.
>
>
>
> Paul
>
>
>
> *From:* [email protected] [mailto:[email protected]] *On
> Behalf Of *Anthony Hixon, Jr.
> *Sent:* Wednesday, January 28, 2009 3:32 PM
>
> *To:* [email protected]
> *Subject:* [OpenBD] Re: cfsearch Question
>
>
>
> So there is a difference in the two cfldap implementations?
>
>
>
> I'm out of the office right now so I can't test your suggestions.
>
> Sent from my iPhone
>
> Anthony Hixon, Jr.
>
> Certified ColdFusion MX7 Advanced Developer
>
> Mobile: (706) 639-3617
>
> Email: [email protected]
>
>
> On Jan 28, 2009, at 3:23 PM, Paul Bonfanti <[email protected]> wrote:
>
> If it's not erroring out then I'd try testing different scenarios to see
> if you can find one that works. For example, maybe you could try setting
> attributes to '*' and don't set a filter attribute to see if that returns
> anything. This would help rule out it being an issue with the attributes and
> filter attribute.
>
>
>
> Paul
>
>
>
> *From:* [email protected]
> [mailto:[email protected]<[email protected]>]
> *On Behalf Of *Anthony Hixon, Jr.
> *Sent:* Wednesday, January 28, 2009 3:04 PM
> *To:* [email protected]
> *Subject:* [OpenBD] Re: cfsearch Question
>
>
>
> We already use the u...@domain format for our credentials so that's not
> the holdup. As I said in my earlier post, I have Adobe CF running on the
> same box as OpenBD for testing and the same cfldap query returns the correct
> information.
>
>
>
> The cfldap tag itself is not erroring out on OpenBD, it's just not
> returning anything whereas it is from Adobe's side. Basically for testing,
> I'm just asking for memberOf, cn, and mail attributes for a user account
> based on saMAccountName.
>
> Sent from my iPhone
>
> Anthony Hixon, Jr.
>
> Certified ColdFusion MX7 Advanced Developer
>
> Mobile: (706) 639-3617
>
> Email: [email protected]
>
>
> On Jan 28, 2009, at 2:44 PM, Paul Bonfanti <[email protected]> wrote:
>
> In the username attribute, make sure you are also specifying the domain
> of the active directory. For example, DOMAIN\username or
> [email protected] that will fix it for you.
>
>
>
> Paul
>
>
>
> *From:* [email protected]
> [mailto:[email protected]<[email protected]>]
> *On Behalf Of *Anthony Hixon, Jr.
> *Sent:* Wednesday, January 28, 2009 2:36 PM
> *To:* [email protected]
> *Subject:* [OpenBD] Re: cfsearch Question
>
>
>
> I'm stumped on this one, but Matt has generously agreed to help me sort
> this one out because as I told him without this working, we'll have to give
> up on Open BD for now. Windows AD authentication is used as the primary
> authentication mechanism for all of our CF applications.
>
> If anyone has any ideas, I'd be grateful for their insight.
>
> Thanks again!
>
> On Wed, Jan 28, 2009 at 2:04 PM, Anthony Hixon, Jr. <[email protected]>
> wrote:
>
> Update.
>
> I tested the same CFLDAP code on the same Ubuntu box but with Adobe's
> ColdFusion and it works perfectly.
>
> So, is there something different about OpenBD's CFLDAP implementation?
>
>
>
> On Tue, Jan 27, 2009 at 2:07 PM, Anthony Hixon, Jr. <[email protected]>
> wrote:
>
> Worked perfectly. Thank you!
>
> Now, another question. I've been banging my head on this one for hours.
>
> Would it be possible for someone to test a cfldap query for just some basic
> info like givenName or CN against a Windows 2003 AD from an OpenBD/Jetty
> setup on Linux? I cannot get anything to come back from some code that works
> from an IIS web server when I try it from my OpenBD/Jetty server. CFLDAP
> shouldn't care where it runs from as long as the querying credentials are
> sufficient correct? I'd even be happy if someone told me "No, stupid you
> need to do this...". This is driving me crazy.
>
>
>
> On Tue, Jan 27, 2009 at 11:18 AM, Andy Wu <[email protected]> wrote:
>
>
> Yes, try creating it via the cfcollection tag with storebody=true.
>
>
> Andy
>
> Anthony Hixon, Jr. wrote:
>
> > Should I just generate the collection through code at this point and
> > set the STOREBODY attribute to TRUE? Is that how it is set?
>
>
>
>
>
>
>
> --
> Anthony Hixon, Jr.
> Certified Advanced ColdFusion MX 7 Developer
> Mobile: (706) 639-3617
> [email protected]
>
>
>
>
> --
> Anthony Hixon, Jr.
> Certified Advanced ColdFusion MX 7 Developer
> Mobile: (706) 639-3617
> [email protected]
>
>
>
>
> --
> Anthony Hixon, Jr.
> Certified Advanced ColdFusion MX 7 Developer
> Mobile: (706) 639-3617
> [email protected]
>
>
>
>
>
>
>
>
>
>
>
>
> >
>
--
Anthony Hixon, Jr.
Certified Advanced ColdFusion MX 7 Developer
Mobile: (706) 639-3617
[email protected]
--~--~---------~--~----~------------~-------~--~----~
Open BlueDragon Public Mailing List
http://groups.google.com/group/openbd?hl=en
official site @ http://www.openbluedragon.org/
!! save a network - trim replies before posting !!
-~----------~----~----~----~------~----~------~--~---
