如何在Coldfusion中从Active Directory的根目录进行搜索
我正在尝试使用Coldfusion登录向导来查询Active Directory,但是目录结构有问题。本质上,我需要从同一根OU下的多个嵌套OU进行查询。例如,OU“管理员”和“职员”是OU“学校用户”的孩子。我可以使用下面的代码单独成功地查询每个子OU,但我无法查询根(学校用户)OU如何在Coldfusion中从Active Directory的根目录进行搜索,coldfusion,active-directory,ldap,Coldfusion,Active Directory,Ldap,我正在尝试使用Coldfusion登录向导来查询Active Directory,但是目录结构有问题。本质上,我需要从同一根OU下的多个嵌套OU进行查询。例如,OU“管理员”和“职员”是OU“学校用户”的孩子。我可以使用下面的代码单独成功地查询每个子OU,但我无法查询根(学校用户)OU 错误 感谢您的帮助您可以使用cfldap的范围属性并将其设置为子树: 它将允许从开始条目和它下面的所有级别进行搜索。我解决了这个问题。我需要添加子树的范围,还需要将用户名的身份验证方式从CN=somethin
错误
感谢您的帮助您可以使用
cfldap
的范围
属性并将其设置为子树
:
它将允许从开始条目和它下面的所有级别进行搜索。我解决了这个问题。我需要添加子树的
范围
,还需要将用户名的身份验证方式从CN=something更改为具有域的电子邮件地址什么是ColdFusion登录向导?Macromedia Homesite+5.1能够自动创建一组文件,用于连接LDAP等基本任务。这可能是一个更新版本。与您的问题无关,但查询名称ie userSearch也需要var
范围。这似乎仍然不起作用。以下是传递到cfldap Up voting的变量,因为听起来您的建议是解决方案的一部分。
<!-- This is the include file that sets the attributes and collects the username and password passed by the user-->
<cfset args.authtype = "LDAP">
<cfset args.server = "ads.schoolname.org">
<cfset args.port = "389">
<cfset args.start = "dc=schoolname, dc=org">
<cfset args.suser = "usr">
<cfset args.spwd = "password">
<cfset args.queryString = "cn={username},OU=ADMIN,OU=SCHOOL USERS,DC=SCHOOLNAME,DC=ORG">
<!-- The following is a snippet of the authenticate file that takes the above info and attempts to query and authenticate the user -->
<cffunction name="ldapauth" access="private" output="true" returntype="struct" hint="Authenticate against a LDAP server." >
<cfargument name="lServer" required="true" hint="The LDAP server.">
<cfargument name="lPort" hint="The port the LDAP server is running on.">
<cfargument name="sUsername" required="true" hint="The username that was set in the Login Wizard.">
<cfargument name="sPassword" required="true" hint="The password that was set in the Login Wizard.">
<cfargument name="uUsername" required="true" hint="The username that was passed in from the client.">
<cfargument name="uPassword" required="true" hint="The password that was passwd in from the client.">
<cfargument name="sQueryString" required="true" hint="The string to be passed to the LDAP server">
<cfargument name="lStart" required="true">
<cfset var retargs = StructNew()>
<cfset var username = replace(sQueryString,"{username}",uUserName)>
<cfldap action="QUERY"
name="userSearch"
attributes="dn"
start="#arguments.lStart#"
server="#arguments.lServer#"
port="#arguments.lPort#"
username="#arguments.sUsername#"
password="#arguments.sPassword#" >
<!--- If user search failed or returns 0 rows abort --->
<cfif userSearch.recordCount EQ "" >
<cfoutput>Error</cfoutput>
</cfif>
<!--- pass the user's DN and password to see if the user authenticates
and get the user's roles --->
<cfldap
action="QUERY"
name="auth"
attributes="dn,roles"
start="#arguments.lStart#"
server="#arguments.lServer#"
port="#arguments.lPort#"
username="#username#"
password="#arguments.uPassword#" >
<!--- If the LDAP query returned a record, the user is valid. --->
<cfif auth.recordCount>
<cfset retargs.authenticated="YES">
<!--- return role here, default role is always "user" --->
<cfset retargs.roles = "user">
</cfif>
<cfreturn retargs>
</cffunction>