Lucee Tag Reference

Tag <CFLDAP>

Provides an interface to LDAP Lightweight Directory Access Protocol directory servers like the Netscape Directory Server.

Body

This tag can't have a body.

Example

<cfldap
	[action=add|delete|modifydn|modify|query]
	[attributes=string]
	[delimiter=string]
	[dn=string]
	[filter=string]
	[filterfile=string]
	[maxrows=number]
	[modifytype=string]
	[name=string]
	[password=string]
	[port=number]
	[rebind=boolean]
	[referral=number]
	[returnasbinary=string]
	[scope=string]
	[secure=string]
	[separator=string]
	server=string
	[sort=string]
	[sortcontrol=string]
	[start=string]
	[startrow=number]
	[timeout=number]
	[username=string]>
This tag is also supported within cfscript
<cfscript>
	ldap
		[action=add|delete|modifydn|modify|query]
		[attributes=string]
		[delimiter=string]
		[dn=string]
		[filter=string]
		[filterfile=string]
		[maxrows=number]
		[modifytype=string]
		[name=string]
		[password=string]
		[port=number]
		[rebind=boolean]
		[referral=number]
		[returnasbinary=string]
		[scope=string]
		[secure=string]
		[separator=string]
		server=string
		[sort=string]
		[sortcontrol=string]
		[start=string]
		[startrow=number]
		[timeout=number]
		[username=string];
</cfscript>

Attributes

The attributes for this tag are fixed. Except for the following attributes no other attributes are allowed.
Name Type Required Default Value Description
action string No query Specifies the LDAP action. 
attributes string No Required if action = "Query", "Add", "ModifyDN", or "Modify"
For queries: comma-delimited list of attributes to return. For
queries, to get all attributes, specify "*".

If action = "add" or "modify", you can specify a list of update
columns. Separate attributes with a semicolon.

If action = "ModifyDN", CFML passes attributes to the
LDAP server without syntax checking. 
delimiter string No Specifies the character that cfldap uses to separate multiple attribute name/value pairs when more than one attribute is specified in the attribute attribute or the attribute that you want to use has the default delimiter character, which is the semicolon (;), such as mgrpmsgrejecttext;lang-en. The delimiter character is used by the query, add, and
modify action attributes, and is used by cfldap to output multi-value attributes 
dn string No Specifies the distinguished name for update actions. 
filter string No Search criteria for action = "Query".
List attributes in the form:
"(attribute operator value)" Example: "(sn = Smith)" 
filterfile string No This Attribute is deprecated 
maxrows number No Specifies the maximum number of entries for LDAP queries. 
modifytype string No Indicates whether to add, delete, or replace an attribute in a multi-value list of attributes. 
name string No The name you assign to the LDAP query. 
password string No used when username is defined 
port number No Port defaults to the standard LDAP port, 389. 
rebind boolean No If you set rebind to Yes, cfldap attempts to rebind the referral callback and reissue the query
by the referred address using the original credentials. The default is No, which means referred
connections are anonymous. 
referral number No Number of hops allowed in a referral. A value of 0 disables referred addresses for LDAP; no data is returned. 
returnasbinary string No A comma-delimited list of columns that are to be returned as binary values. 
scope string No Specifies the scope of the search from the entry specified in the Start attribute
for action = "Query". 
secure string No The type of security to use 
separator string No Specifies the character that cfldap uses to separate attribute values in multi-value attributes. This character is used by the query, add, and modify action attributes, and
by cfldap to output multi-value attributes. The default character is the comma (,). 
server string Yes Host name "biff.upperlip.com" or IP address "192.1.2.225" of the LDAP server. 
sort string No Indicates the attribute or attributes by which to sort query results. Use a comma to separate attributes. 
sortcontrol string No Specifies how to sort query results. 
start string No Specifies the distinguished name of the entry to be used to start the search. 
startrow number No Used in conjunction with action = "Query". Specifies the first row of the LDAP query to insert
into the query. The default is 1. 
timeout number No Specifies the maximum amount of time, in seconds, to wait for LDAP processing. Defaults to
60 seconds. 
username string No If no user name is specified, the LDAP connection is anonymous.