Adobe ColdFusion 8

Example: querying an LDAP directory

The following example uses the cfldap tag to get information about the people in the Airius corporation's Santa Clara office. Users can enter all or part of a person's name and get a list of matching names with their departments, e-mail addresses, and telephone numbers.

This example uses the sample Airius corporate directory that is distributed with the Netscape Directory Server. If you do not have access to this directory, modify the code to work with your LDAP directory.

  1. Create a file that looks like the following:
    <!--- This example shows the use of CFLDAP --->
    <html>
    <head> <title>cfldap Query Example</title> </head>
    
    <h3>cfldap Query Example</h3>
    
    <body>
    <p>This tool queries the Airius.com database to locate all people in the company's 
        Santa Clara office whose common names contain the text entered in the form.</p>
    
    <p>Enter a full name, first name, last name, or name fragment.</p>
    
    <form action="cfldap.cfm" method="POST">
        <input type="text" name="name"><br><br>
        <input type="submit" value="Search">
    </form>
    
    <!--- make the LDAP query --->
    <!-- Note that some search text is required.
        A search filter of cn=** would cause an error -->
    <cfif (isdefined("form.name") AND (form.name IS NOT ""))>
        <cfldap
            server="ldap.airius.com"
            action="query"
            name="results"
            start="ou=People, o=Airius.com"
            scope="onelevel"
            filter="(&(cn=*#form.Name#*)(l=Santa Clara))"
            attributes="cn,sn,ou,mail,telephonenumber"
            sort="ou,sn"
            maxrows=100
            timeout=20000
        >
    
    <!--- Display results --->
        <table border=0 cellspacing=2 cellpadding=2>
         <tr>
            <th colspan=4><cfoutput>#results.RecordCount# matches found</cfoutput>
            </th>
         </tr>
         <tr>
            <th>Name</th>
            <th>Department</th>
            <th>E-Mail</th>
            <th>Phone</th>
         </tr>
        <cfoutput query="results">
         <tr>
            <td>#cn#</td>
            <td>#listFirst(ou)#</td>
            <td><a href="mailto:#mail#">#mail#</a></td>
            <td>#telephonenumber#</td>
        </tr>
        </cfoutput>
        </table>
    </cfif>
        
    </body>
    </html> 
    

  2. Change the server attribute from ldap.airius.com to the name of your installation of the Airius database.
  3. Save the page as cfldap.cfm and run it in your browser.

Reviewing the code

The following table describes the code:

Code

Description

<form action="cfldap.cfm" method="POST"> <input type="text" name="name"> <br><br> <input type="submit" value="Search"> </form>

Uses a form to get the name or name fragment to search for.

<cfif (isdefined("form.name") AND (form.name IS NOT ""))>

Ensures that the user has submitted the form. This is necessary because the form page is also the action page. Ensures that the user entered search text.

<cfldap server="ldap.airius.com" action="query" name="results" start="ou=People, o=Airius.com" scope="onelevel" filter="(&(cn=*#form.Name#*) (l=Santa Clara))" attributes="cn,sn,ou,mail, telephonenumber" sort="ou,sn" maxrows=100 timeout=20000 >

Connects anonymously to LDAP server ldap.airius.com, query the directory, and return the results to a query object named results.

Starts the query at the directory entry that has the distinguished name ou=People, o=Airius.com, and searches the directory level immediately below this entry.

Requests records for entries that contain the location (l) attribute value "Santa Clara" and the entered text in the common name attribute.

Gets the common name, surname, organizational unit, e-mail address, and telephone number for each entry.

Sorts the results first by organization name, then by surname. Sorts in the default sorting order.

Limit the request to 100 entries. If the server does not return the data in 20 seconds, generates an error indicating that LDAP timed out.

<table border=0 cellspacing=2     cellpadding=2>   <tr>     <th colspan=4>       <cfoutput>#results.RecordCount#          matches found</cfoutput>     </th>   </tr>   <tr>     <th>Name</th>     <th>Department</th>     <th>E-Mail</th>     <th>Phone</th>   </tr>   <cfoutput query="results">   <tr>     <td>#cn#</td>     <td>#ListFirst(ou)#</td>     <td><a href="mailto:#mail#">#mail#     </a></td>     <td>#telephonenumber#</td>   </tr>   </cfoutput>  </table> </cfif>

Starts a table to display the output

 

Displays the number of records returned.

 

 

 

 

 

 

 

 

 

Displays the common name, department, e-mail address, and telephone number of each entry.

Displays only the first entry in the list of organizational unit values. (For more information, see the description that follows this table.)

This search shows the use of a logical AND statement in a filter. It returns one attribute, the surname, that is used only for sorting the results.

In this query, the ou attribute value consists of two values in a comma-delimited list. One is the department name. The other is People. This is because the Airius database uses the ou attribute type twice:

  • In the distinguished names, at the second level of the directory tree, where it differentiates between organizational units such as people, groups, and directory servers
  • As the department identifier in each person's entry

Because the attribute values are returned in order from the person entry to the directory tree root, the ListFirst function extracts the person's department name.