ColdFusion - Connect to LDAP Server

I am using cfldap (ColdFusion 2016) to connect to an LDAP server but the server starts with LDAPS://. ColdFusion throws an error that it is an invalid name. When I try to connect without LDAPS, it throws "An error has occurred while executing the query." Below is the full tag I am using.

<cftry>
     <cfldap server="#servername#" 
             username="#username#"
             password="#password#"
             port="636" action="query"
             name="qryName"
             start="#start#"
             attributes="#attributes#"
             filter="#filter#"
             scope="SUBTREE"
             secure="cfssl_basic">

    <cfcatch type="any">
          <cfdump var="#cfcatch#">
    </cfcatch>

</cftry>

Is there anything missing?

2 answers

  • answered 2017-11-12 20:54 Justin Cook

    You're missing a double quote after #start#. Not sure if that is in your actual code though.

  • answered 2017-11-13 13:33 Jason Steinshouer

    You may need to import the LDAP server's certificate or, if it is Active Directory, the domain's CA certificate into the Java keystore.

    https://helpx.adobe.com/coldfusion/kb/import-certificates-certificate-stores-coldfusion.html

    Also, here is an example of authenticating via Active Directory.

    cfldap(
        server = "ServerName",
        port = 636,
        action = "QUERY",
        name = "qLDAPLookup",
        secure = "CFSSL_BASIC",
        username = "MYDOMAIN\#arguments.username#",
        password = arguments.password,
        start = "dc=MYDOMAIN,dc=MYTLD",
        attributes = "cn,userPrincipalName,title,mail",
        timeout = "10",
        filter = "(sAMAccountName=#arguments.username#)"
    );
    
    if (qLDAPLookup.recordCount) {
        userAuthenticated = true;
    }
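
Added example, not part of either answer and not Adobe's code: a hardened CFScript variant of the bind-and-query check in the second answer. It refuses empty passwords, escapes the username before it enters the filter, and treats a failed bind as a failed login. The function names `escapeLdapFilter` and `adAuthenticate`, the `ldapauth` log file name, and the server, base DN and domain values are assumptions.

```cfml
// Added example; ldapHost, baseDN and domain are placeholders, not values from the page.
string function escapeLdapFilter(required string value) {
    // RFC 4515 filter escaping: backslash first, then the filter metacharacters.
    var out = replace(arguments.value, "\", "\5c", "all");
    out = replace(out, "*", "\2a", "all");
    out = replace(out, "(", "\28", "all");
    out = replace(out, ")", "\29", "all");
    return out;
}

boolean function adAuthenticate(required string username, required string password) {
    var ldapHost = "ServerName";           // placeholder
    var baseDN   = "dc=MYDOMAIN,dc=MYTLD"; // placeholder
    var domain   = "MYDOMAIN";             // placeholder

    // A simple bind with a name and an empty password is an "unauthenticated
    // bind" (RFC 4513, section 5.1.2) that some servers accept, so refuse it here.
    if (!len(trim(arguments.username)) || !len(arguments.password)) {
        return false;
    }
    // Control characters (NUL, CR, LF) have no place in an account name or a log line.
    if (reFind("[[:cntrl:]]", arguments.username)) {
        return false;
    }

    try {
        cfldap(
            server = ldapHost,
            port = 636,
            action = "QUERY",
            name = "local.qLDAPLookup",
            secure = "CFSSL_BASIC",
            username = "#domain#\#arguments.username#",
            password = arguments.password,
            start = baseDN,
            attributes = "cn,userPrincipalName,title,mail",
            timeout = "10",
            filter = "(sAMAccountName=#escapeLdapFilter(arguments.username)#)"
        );
    } catch (any e) {
        // Bad credentials and TLS trust failures both land here; log without the password.
        writeLog(text = "LDAP bind failed for #arguments.username#: #e.message#", type = "warning", file = "ldapauth");
        return false;
    }
    // Exactly one matching account: the bind succeeded and the name was unambiguous.
    return local.qLDAPLookup.recordCount == 1;
}
```

If every attempt ends in the `catch` branch with a certificate or SSL message in the log, the missing keystore import described in the answer is the likely cause rather than the credentials.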