Connect user directories

If you use Advanced Security, the Connect User Directories page shows any existing user directories and allows you to define, edit or delete them. After you define a user directory, you can assign it to a security context.

 

To define a new user directory:

  1. Click Security>Security Configuration in the ColdFusion Administrator navigation frame. The Advanced Security page appears.

  2. Click User Directories. The Connect User Directories page appears.

  3. Enter a name for the user directory in the text box. The name you enter in this field is an internal name that ColdFusion uses to refer to the directory.

  4. Click Connect Directory. The New User Directory page appears.

  5. Complete the fields on the New User Directory page as described in the following table. To exit the page any time without saving the user directory, click Back.
     

Field

Description

Default

Name

This field displays the name that you entered on the Connect User Directories page.

Filled

Description

You can enter a description of the new user directory.

Blank

Namespace

From the drop-down list, select the industry standard of the directory: LDAP, Windows NT domain, or ODBC.

LDAP

Location

Enter the appropriate information:

  • If your user directory is an LDAP directory, enter the name of the LDAP server that hosts the directory.

  • If your user directory is a Windows NT domain, enter the domain name.

  • If your user directory is an ODBC data source, enter the path and filename of the database to use.

None

Username

If the domain, directory, or data source requires a username and password, enter the username in this field. If you secured the ColdFusion Administrator, you can leave this field blank.

Blank

Password

If you entered a username in the previous field, enter a password.

Blank

 

  1. If the user directory is:

 

LDAP Settings Table

Field

Description

Default

Search Root

Enter a Search Root. It must point to the branch of the LDAP tree where a user namespace logically begins. Typically, this branch represents an organization or an organizational unit, and corresponds to one user directory.

o=domain.com

Lookup Start

Enter a Lookup Start. ColdFusion uses this value to construct the beginning of the search string. For example, uid=.

(&(objectclass=*)(uid=

Lookup End

Enter a Lookup End. ColdFusion uses this value to construct the part of the search string that follows user ID. For example, ou=marketing,
o=widgetinc.com
.

 

Note: If you leave the lookup fields blank, then the user will have to enter his or her entire distinguished name rather than just a username. The distinguished name is an LDAP directory parameter.

))

Search Timeout

Enter the number of seconds at which ColdFusion should time out a search. This value is the maximum amount of time that you want ColdFusion to spend searching a directory.

100

Search Results

Enter the maximum number of results you want the search to return in the Search Results field.

100

Search Scope

From the drop-down list, select the depth of searches:
 

Subtree if you want to be able to access everything under the search root.

 

One Level if you want to search only the top level of the directory.

Subtree

 

  1. Enable the Add User Directory to Existing Security Contexts option if you want to add users from this user directory to existing security contexts automatically. If you disable this option, you must manually associate users with each security context.

  2. Click Add. The Connect User Directory page appears with the new user directory shown in the table.

 

To edit or delete a user directory:

  1. Access the Connect User Directories page.

  2. In the table of existing user directories, click the name of the directory you want to modify or delete.




    The ColdFusion Edit User Directory page appears.
     

  3. To edit the user directory, modify the fields and click Apply. The Connect User Directory page appears. For information about defining a user directory, see the tables provided above.

  4. To delete the user directory, click Delete. The Connect User Directory page appears; the deleted directory no longer appears in the table.

Related topics