Provides an interface to LDAP Lightweight Directory Access Protocol directory servers like the Microsoft Active Directory.

This tag cannot have a body.

This tag is also supported within <cfscript>

<cfldap returnasbinary=string server=string port=number username=string secure=string password=string action=add|delete|modifyDn|modify|query name=string timeout=number maxrows=number start=string scope=string attributes=string filter=string filterfile=string sort=string sortcontrol=string dn=string startrow=number modifytype=string rebind=boolean referral=number separator=string delimiter=string >
Attribute Description Default
string, optional

A comma-delimited list of columns that are to be returned as binary values.

string, required

Host name "biff.upperlip.com" or IP address "" of the LDAP server.

number, optional

Port defaults to the standard LDAP port, 389.

string, optional

If no user name is specified, the LDAP connection is anonymous.

string, optional

The type of security to use

string, optional

used when username is defined

string, optional

Specifies the LDAP action.

  • add
  • delete
  • modifydn
  • modify
  • query


string, optional

The name you assign to the LDAP query.

Alias: variable

number, optional

Specifies the maximum amount of time, in seconds, to wait for LDAP processing. Defaults to 60 seconds.

number, optional

Specifies the maximum number of entries for LDAP queries.

string, optional

Specifies the distinguished name of the entry to be used to start the search.

string, optional

Specifies the scope of the search from the entry specified in the Start attribute for action = "Query".

string, optional

Required if action = "Query", "Add", "ModifyDN", or "Modify" For queries: comma-delimited list of attributes to return. For queries, to get all attributes, specify "*".

If action = "add" or "modify", you can specify a list of update columns. Separate attributes with a semicolon.

If action = "ModifyDN", CFML passes attributes to the LDAP server without syntax checking.

string, optional

Search criteria for action = "Query".

List attributes in the form: "(attribute operator value)" Example: "(sn = Smith)"

string, optional

Indicates the attribute or attributes by which to sort query results. Use a comma to separate attributes.

string, optional

Specifies how to sort query results.

string, optional

Specifies the distinguished name for update actions.

number, optional

Used in conjunction with action = "Query". Specifies the first row of the LDAP query to insert into the query. The default is 1.

string, optional

Indicates whether to add, delete, or replace an attribute in a multi-value list of attributes.

number, optional

Number of hops allowed in a referral. A value of 0 disables referred addresses for LDAP; no data is returned.

string, optional

Specifies the character that cfldap uses to separate attribute values in multi-value attributes. This character is used by the query, add, and modify action attributes, and by cfldap to output multi-value attributes. The default character is the comma (,).

string, optional

Specifies the character that cfldap uses to separate multiple attribute name/value pairs when more than one attribute is specified in the attribute attribute or the attribute that you want to use has the default delimiter character, which is the semicolon (;), such as mgrpmsgrejecttext;lang-en. The delimiter character is used by the query, add, and modify action attributes, and is used by cfldap to output multi-value attributes

Unimplemented Attribute(s)

Attribute Description Default
string, optional

this attribute is deprecated and no longer supported.

* deprecated *
boolean, optional

If you set rebind to Yes, cfldap attempts to rebind the referral callback and reissue the query by the referred address using the original credentials. The default is No, which means referred connections are anonymous.

* unimplemented *


There are currently no examples for this tag.

See also