Maybe OpenBD is not handling the filter attribute properly. What happens if you remove it.
Paul From: [email protected] [mailto:[email protected]] On Behalf Of Anthony Hixon, Jr. Sent: Thursday, January 29, 2009 9:57 AM To: [email protected] Subject: [OpenBD] Re: cfsearch Question Well, as I suspected you can't use "*" for attributes because it exceeds the size limit for queries of Active Directory so I basically dropped it to "cn" only: <cftry> <cfldap action="query" name="getCN" attributes="cn" start="dc=mydomain,dc=org" filter="(&(objectclass=user))" server="dc1" username="[email protected]<mailto:[email protected]>" password="password" separator=";"> <cfcatch type="ANY"> <cfoutput>#cfcatch#</cfoutput> </cfcatch> <cfdump var="#variables.getCN#"> <cfset queryRan="Yes"> <cfoutput>#queryRan#</cfoutput> </cftry> Of course I'm getting no cfcatch output because the cfldap query is running but returning nothing. Running this same query from Adobe CF returns the 1000 row limit from Active Directory as expected. On Wed, Jan 28, 2009 at 3:35 PM, Paul Bonfanti <[email protected]<mailto:[email protected]>> wrote: There shouldn't be but there could be a bug in OpenBD with how it handles the attributes or filter attribute. Paul From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Anthony Hixon, Jr. Sent: Wednesday, January 28, 2009 3:32 PM To: [email protected]<mailto:[email protected]> Subject: [OpenBD] Re: cfsearch Question So there is a difference in the two cfldap implementations? I'm out of the office right now so I can't test your suggestions. Sent from my iPhone Anthony Hixon, Jr. Certified ColdFusion MX7 Advanced Developer Mobile: (706) 639-3617 Email: [email protected]<mailto:[email protected]> On Jan 28, 2009, at 3:23 PM, Paul Bonfanti <[email protected]<mailto:[email protected]>> wrote: If it's not erroring out then I'd try testing different scenarios to see if you can find one that works. For example, maybe you could try setting attributes to '*' and don't set a filter attribute to see if that returns anything. This would help rule out it being an issue with the attributes and filter attribute. Paul From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Anthony Hixon, Jr. Sent: Wednesday, January 28, 2009 3:04 PM To: [email protected]<mailto:[email protected]> Subject: [OpenBD] Re: cfsearch Question We already use the u...@domain format for our credentials so that's not the holdup. As I said in my earlier post, I have Adobe CF running on the same box as OpenBD for testing and the same cfldap query returns the correct information. The cfldap tag itself is not erroring out on OpenBD, it's just not returning anything whereas it is from Adobe's side. Basically for testing, I'm just asking for memberOf, cn, and mail attributes for a user account based on saMAccountName. Sent from my iPhone Anthony Hixon, Jr. Certified ColdFusion MX7 Advanced Developer Mobile: (706) 639-3617 Email: [email protected]<mailto:[email protected]> On Jan 28, 2009, at 2:44 PM, Paul Bonfanti <[email protected]<mailto:[email protected]>> wrote: In the username attribute, make sure you are also specifying the domain of the active directory. For example, DOMAIN\username or usern...@domain. Hopefully that will fix it for you. Paul From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Anthony Hixon, Jr. Sent: Wednesday, January 28, 2009 2:36 PM To: [email protected]<mailto:[email protected]> Subject: [OpenBD] Re: cfsearch Question I'm stumped on this one, but Matt has generously agreed to help me sort this one out because as I told him without this working, we'll have to give up on Open BD for now. Windows AD authentication is used as the primary authentication mechanism for all of our CF applications. If anyone has any ideas, I'd be grateful for their insight. Thanks again! On Wed, Jan 28, 2009 at 2:04 PM, Anthony Hixon, Jr. <[email protected]<mailto:[email protected]>> wrote: Update. I tested the same CFLDAP code on the same Ubuntu box but with Adobe's ColdFusion and it works perfectly. So, is there something different about OpenBD's CFLDAP implementation? On Tue, Jan 27, 2009 at 2:07 PM, Anthony Hixon, Jr. <[email protected]<mailto:[email protected]>> wrote: Worked perfectly. Thank you! Now, another question. I've been banging my head on this one for hours. Would it be possible for someone to test a cfldap query for just some basic info like givenName or CN against a Windows 2003 AD from an OpenBD/Jetty setup on Linux? I cannot get anything to come back from some code that works from an IIS web server when I try it from my OpenBD/Jetty server. CFLDAP shouldn't care where it runs from as long as the querying credentials are sufficient correct? I'd even be happy if someone told me "No, stupid you need to do this...". This is driving me crazy. On Tue, Jan 27, 2009 at 11:18 AM, Andy Wu <[email protected]<mailto:[email protected]>> wrote: Yes, try creating it via the cfcollection tag with storebody=true. Andy Anthony Hixon, Jr. wrote: > Should I just generate the collection through code at this point and > set the STOREBODY attribute to TRUE? Is that how it is set? -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> --~--~---------~--~----~------------~-------~--~----~ Open BlueDragon Public Mailing List http://groups.google.com/group/openbd?hl=en official site @ http://www.openbluedragon.org/ !! save a network - trim replies before posting !! -~----------~----~----~----~------~----~------~--~---
