?
Solved

LDAP

Posted on 2005-03-28
5
Medium Priority
?
2,358 Views
Last Modified: 2013-12-24
Hi,

I need to have users authenticate against LDAP.  I have the following CFLDAP code and am having problems:

<cfldap
server="10.1.1.41"
action="query"
name="getme"
start="o=kant"
filter="cn=johnpa"
attributes="cn,mail">

I get the following error:

An error has occured while trying to execute query :[LDAP: error code 1 - 00000000: LdapErr: DSID-0C0905FF, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece].  
One or more of the required attributes may be missing/incorrect or you do not have permissions to execute this operation on the server .

The error occurred in C:\CFusionMX\wwwroot\form.cfm: line 11
 
9 :
10 : <cfldap
11 :       server="10.1.1.41"
12 :       action="query"
13 :       name="getme"
 
This is the IP Address to our AD Server.  I've tried the long address kaads.kant.local which is what is in DNS but I get the same error message.  Can anyone help?

Thanks.

John
0
Comment
Question by:jcpatterson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 21

Assisted Solution

by:pinaldave
pinaldave earned 375 total points
ID: 13647551
is your LDAP server running on default port of 389.
If not in that case you need to specify the port address.
Regards,
---Pinal
0
 
LVL 1

Author Comment

by:jcpatterson
ID: 13647615
Yes, it is on port 389.  I have a little utility which displays our LDAP information.  Here is what it looks like:

ld = ldap_open("kaads", 389);
Established connection to kaads.
Retrieving base DSA information...
Result <0>: (null)
Matched DNs:
Getting 1 entries:
>> Dn:
      1> currentTime: 3/28/2005 16:51:22 Eastern Standard Time Eastern Standard Time;
      1> subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=kant,DC=local;
      1> dsServiceName: CN=NTDS Settings,CN=KAADS,CN=Servers,CN=Farmington,CN=Sites,CN=Configuration,DC=kant,DC=local;
      5> namingContexts: DC=kant,DC=local; CN=Configuration,DC=kant,DC=local; CN=Schema,CN=Configuration,DC=kant,DC=local; DC=DomainDnsZones,DC=kant,DC=local; DC=ForestDnsZones,DC=kant,DC=local;
      1> defaultNamingContext: DC=kant,DC=local;
      1> schemaNamingContext: CN=Schema,CN=Configuration,DC=kant,DC=local;
      1> configurationNamingContext: CN=Configuration,DC=kant,DC=local;
      1> rootDomainNamingContext: DC=kant,DC=local;
0
 
LVL 12

Accepted Solution

by:
mmc98dl1 earned 375 total points
ID: 13647966
looks to me like you are trying to ask LDAP a question anonymously, try adding in  username="domain\username" password="password" and see if that akes a difference, make sure you use a user on the domain with suitable level of access.

Also, in my experience the filter attribute doesnt look like yours at all.

For example if you want only users returned:

filter="(&(objectclass=user))"

or a specific user by surname:

filter="(&(objectclass=user)(sn=surname*))"
0
 
LVL 1

Author Comment

by:jcpatterson
ID: 13651676
Hi,

I rewrote the tag with the following example:

<cfldap
      action="query"
      name="getme"
      server="kaads.kant.local"
      port="389"
      username="johnpa"
      password="fishy"
      start="dn=kant"
      filter="cn=johnpa"
      attributes="cn">

I am gett a new error:

Inappropriate authentication  
 
 
The error occurred in C:\CFusionMX\wwwroot\form.cfm: line 19
 
17 :       start="dn=kant"
18 :       filter="cn=johnpa"
19 :       attributes="cn">
20 :
21 : <cfoutput>#cn#</cfoutput>

Your patience is appreciated.


John
0
 
LVL 1

Author Comment

by:jcpatterson
ID: 13655093
I was able to get it working myself.  I went to Google Groups and there was more information there.  Anyway the answer is to make sure the account being used to query LDAP is a member of Account Operators group.

This question is closed.

Thanks.

John
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever sent email via ColdFusion and thought of tracking this mail to capture the exact date and time when the message was opened ?  If yes, then this article is for you ! First we need a table user_email with columns user_id , email , sub…
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question