I just committed a fix for this so it should be included in tonight's nightly build.
Paul From: [email protected] [mailto:[email protected]] On Behalf Of Paul Bonfanti Sent: Friday, January 30, 2009 9:09 PM To: [email protected] Subject: [OpenBD] Re: cfsearch Question Looks like the separator attribute isn't working properly in OpenBD. I'll try to get that fixed for you on Monday. Paul From: [email protected] [mailto:[email protected]] On Behalf Of Anthony Hixon, Jr. Sent: Friday, January 30, 2009 4:05 PM To: [email protected] Subject: [OpenBD] Re: cfsearch Question Paul, I hate to bother you again but would you mind trying a "memberOf" attribute query on one of your user accounts that's a member of multiple groups, add separator = ";" to your query, and let me know if the resulting group list entries are indeed separated by semi-colons? I appreciate it. On Fri, Jan 30, 2009 at 11:47 AM, Paul Bonfanti <[email protected]<mailto:[email protected]>> wrote: The following worked for me with my Active Directory. Could you try it and see if it works for you? <!--- Username can be "NEWATLANTA\Administrator" or "[email protected]" or "administra...@newatlanta"---> <cfldap server = "<myserver>" username="administra...@newatlanta" password="<mypassword>" action = "query" name = "results" START = "cn=Users, dc=newatlanta, dc=local" attributes = "cn"> <cfdump var="#results#"> Paul From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Anthony Hixon, Jr. Sent: Thursday, January 29, 2009 10:55 AM To: [email protected]<mailto:[email protected]> Subject: [OpenBD] Re: cfsearch Question Same results. Nothing from OpenBD. 1000 rows returned from Adobe CF. On Thu, Jan 29, 2009 at 10:16 AM, Paul Bonfanti <[email protected]<mailto:[email protected]>> wrote: Maybe OpenBD is not handling the filter attribute properly. What happens if you remove it. Paul From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Anthony Hixon, Jr. Sent: Thursday, January 29, 2009 9:57 AM To: [email protected]<mailto:[email protected]> Subject: [OpenBD] Re: cfsearch Question Well, as I suspected you can't use "*" for attributes because it exceeds the size limit for queries of Active Directory so I basically dropped it to "cn" only: <cftry> <cfldap action="query" name="getCN" attributes="cn" start="dc=mydomain,dc=org" filter="(&(objectclass=user))" server="dc1" username="[email protected]<mailto:[email protected]>" password="password" separator=";"> <cfcatch type="ANY"> <cfoutput>#cfcatch#</cfoutput> </cfcatch> <cfdump var="#variables.getCN#"> <cfset queryRan="Yes"> <cfoutput>#queryRan#</cfoutput> </cftry> Of course I'm getting no cfcatch output because the cfldap query is running but returning nothing. Running this same query from Adobe CF returns the 1000 row limit from Active Directory as expected. On Wed, Jan 28, 2009 at 3:35 PM, Paul Bonfanti <[email protected]<mailto:[email protected]>> wrote: There shouldn't be but there could be a bug in OpenBD with how it handles the attributes or filter attribute. Paul From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Anthony Hixon, Jr. Sent: Wednesday, January 28, 2009 3:32 PM To: [email protected]<mailto:[email protected]> Subject: [OpenBD] Re: cfsearch Question So there is a difference in the two cfldap implementations? I'm out of the office right now so I can't test your suggestions. Sent from my iPhone Anthony Hixon, Jr. Certified ColdFusion MX7 Advanced Developer Mobile: (706) 639-3617 Email: [email protected]<mailto:[email protected]> On Jan 28, 2009, at 3:23 PM, Paul Bonfanti <[email protected]<mailto:[email protected]>> wrote: If it's not erroring out then I'd try testing different scenarios to see if you can find one that works. For example, maybe you could try setting attributes to '*' and don't set a filter attribute to see if that returns anything. This would help rule out it being an issue with the attributes and filter attribute. Paul From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Anthony Hixon, Jr. Sent: Wednesday, January 28, 2009 3:04 PM To: [email protected]<mailto:[email protected]> Subject: [OpenBD] Re: cfsearch Question We already use the u...@domain format for our credentials so that's not the holdup. As I said in my earlier post, I have Adobe CF running on the same box as OpenBD for testing and the same cfldap query returns the correct information. The cfldap tag itself is not erroring out on OpenBD, it's just not returning anything whereas it is from Adobe's side. Basically for testing, I'm just asking for memberOf, cn, and mail attributes for a user account based on saMAccountName. Sent from my iPhone Anthony Hixon, Jr. Certified ColdFusion MX7 Advanced Developer Mobile: (706) 639-3617 Email: [email protected]<mailto:[email protected]> On Jan 28, 2009, at 2:44 PM, Paul Bonfanti <[email protected]<mailto:[email protected]>> wrote: In the username attribute, make sure you are also specifying the domain of the active directory. For example, DOMAIN\username or usern...@domain. Hopefully that will fix it for you. Paul From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Anthony Hixon, Jr. Sent: Wednesday, January 28, 2009 2:36 PM To: [email protected]<mailto:[email protected]> Subject: [OpenBD] Re: cfsearch Question I'm stumped on this one, but Matt has generously agreed to help me sort this one out because as I told him without this working, we'll have to give up on Open BD for now. Windows AD authentication is used as the primary authentication mechanism for all of our CF applications. If anyone has any ideas, I'd be grateful for their insight. Thanks again! On Wed, Jan 28, 2009 at 2:04 PM, Anthony Hixon, Jr. <[email protected]<mailto:[email protected]>> wrote: Update. I tested the same CFLDAP code on the same Ubuntu box but with Adobe's ColdFusion and it works perfectly. So, is there something different about OpenBD's CFLDAP implementation? On Tue, Jan 27, 2009 at 2:07 PM, Anthony Hixon, Jr. <[email protected]<mailto:[email protected]>> wrote: Worked perfectly. Thank you! Now, another question. I've been banging my head on this one for hours. Would it be possible for someone to test a cfldap query for just some basic info like givenName or CN against a Windows 2003 AD from an OpenBD/Jetty setup on Linux? I cannot get anything to come back from some code that works from an IIS web server when I try it from my OpenBD/Jetty server. CFLDAP shouldn't care where it runs from as long as the querying credentials are sufficient correct? I'd even be happy if someone told me "No, stupid you need to do this...". This is driving me crazy. On Tue, Jan 27, 2009 at 11:18 AM, Andy Wu <[email protected]<mailto:[email protected]>> wrote: Yes, try creating it via the cfcollection tag with storebody=true. Andy Anthony Hixon, Jr. wrote: > Should I just generate the collection through code at this point and > set the STOREBODY attribute to TRUE? Is that how it is set? -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> -- Anthony Hixon, Jr. Certified Advanced ColdFusion MX 7 Developer Mobile: (706) 639-3617 [email protected]<mailto:[email protected]> --~--~---------~--~----~------------~-------~--~----~ Open BlueDragon Public Mailing List http://groups.google.com/group/openbd?hl=en official site @ http://www.openbluedragon.org/ !! save a network - trim replies before posting !! -~----------~----~----~----~------~----~------~--~---
