Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
CFLDAP and Active Directory
- Thread starter Sherylj
- Start date
Let me know when you find out... I am about to start that process this coming few weeks as we change our network.
My hope is to tie together our MDaemon, Active Directory, and our Cold Fusion "Intranet" website login.
Anyone who has done this I would appreciate some assistance.
Thank you,
David
My hope is to tie together our MDaemon, Active Directory, and our Cold Fusion "Intranet" website login.
Anyone who has done this I would appreciate some assistance.
Thank you,
David
Let me know too...
I am in the same boat.
1) DC login for the users.
2) SQL DB loging name and pass
3) MDaemon Username and Pass.
I am planning on testing CF to speak with our Domain Controller. If that works ok, I will begin testing the Mdaemon NT tool. This scares me because we need to have all of this as seamless as possibbl3, and MDaemon is not the best tool for this even with the add-on LDAP tool.
I am in the same boat.
1) DC login for the users.
2) SQL DB loging name and pass
3) MDaemon Username and Pass.
I am planning on testing CF to speak with our Domain Controller. If that works ok, I will begin testing the Mdaemon NT tool. This scares me because we need to have all of this as seamless as possibbl3, and MDaemon is not the best tool for this even with the add-on LDAP tool.
I have done some testing...
MDAEMON is easy to setup to talk to your Domain Controller.
You do Not need the LDAP tool if you already have a DC.
We set up a test MDAEMON server, imported the user from The IMPORT option in MDAEMON, and found that it works great.
It changes the users password to "\\servername"
When we changed the password in Active directory, MDAEMON authenticated fine. The trick is to have all your users set to have that as their password in MDAEMON. Now.. you may want to set password changes to NO to keep them from screwing things up.
If You disable a User in Active Dir, they cannot connect to their email beacuse their password cant authenticate. You just have to manaully setup each user (IMPORT) but thats it.
As for LDAP and CF....
Tried the Custom Tag ADAuthen from the new and "improved" Macromedia/Allaire site.
I set up a form that asked the Username and Password... It took several seconds and then reported the user was not valid. I think that tag timed out and returned the null value, so it never reaaly worked.
I am taking a break from it now, hoping someone out there has an answer... I will keep at it and let you know.
Please let me know if you hear anything!
Thanks
MDAEMON is easy to setup to talk to your Domain Controller.
You do Not need the LDAP tool if you already have a DC.
We set up a test MDAEMON server, imported the user from The IMPORT option in MDAEMON, and found that it works great.
It changes the users password to "\\servername"
When we changed the password in Active directory, MDAEMON authenticated fine. The trick is to have all your users set to have that as their password in MDAEMON. Now.. you may want to set password changes to NO to keep them from screwing things up.
If You disable a User in Active Dir, they cannot connect to their email beacuse their password cant authenticate. You just have to manaully setup each user (IMPORT) but thats it.
As for LDAP and CF....
Tried the Custom Tag ADAuthen from the new and "improved" Macromedia/Allaire site.
I set up a form that asked the Username and Password... It took several seconds and then reported the user was not valid. I think that tag timed out and returned the null value, so it never reaaly worked.
I am taking a break from it now, hoping someone out there has an answer... I will keep at it and let you know.
Please let me know if you hear anything!
Thanks
- Thread starter
- #5
imstillatwork
IS-IT--Management
I will check it out too. With ASP there is a third party COM object....but this isnt asp now is it? I an VERY interested in using AD domain Username / group to log into our CF INTRANET.....
kevin
kevin
We got ours working great....
We had to set up advanced security in the CF ADMIN.
We use CFathenticate...
We also added authentification against the Database too incase we had users that were in offices without a Domain Controller and user login setup yet.
Works like a champ!
-- David McIntosh
We had to set up advanced security in the CF ADMIN.
We use CFathenticate...
We also added authentification against the Database too incase we had users that were in offices without a Domain Controller and user login setup yet.
Works like a champ!
-- David McIntosh
I have been authenticating users via CFLDAP on AD for a while and it works great. Below is a snippet of what the code does. This was written by someone else who allows free distribution of the code. Let me know if anyone wants the files to be e-mailed to them.
...according to Microsoft, there is no
way to 'read' a password from Active Directory through
LDAP, only to add or modify one. However, for a user
to run a query against the Active Directory using the LDAP
protocol they must bind to it with a valid ID and password.
Knowning this, I created a CFLDAP query that uses a users
ID and password to attempt to bind to the Active Directory
and query it for their own username. If this is successful
then they must have provided valid credentials.
...according to Microsoft, there is no
way to 'read' a password from Active Directory through
LDAP, only to add or modify one. However, for a user
to run a query against the Active Directory using the LDAP
protocol they must bind to it with a valid ID and password.
Knowning this, I created a CFLDAP query that uses a users
ID and password to attempt to bind to the Active Directory
and query it for their own username. If this is successful
then they must have provided valid credentials.
imstillatwork
IS-IT--Management
I do Please...
ksargent@vtechphones.com
Thanks!!!
ksargent@vtechphones.com
Thanks!!!
bhightower
Programmer
I would like that code as well.....
bhightower@mall.com
thanks!
bhightower@mall.com
thanks!
Perhaps you could post it here...
I would like to se it as well...
info@neofactor.com
David McIntosh
I would like to se it as well...
info@neofactor.com
David McIntosh
- Status
Similar threads
- Locked
- Question