Entries can be added, modified, and deleted. Remote administration of an LDAP server is one possible using one of these options.
The following example runs a cycle of LDAP actions by first adding a new record, then querying the LDAP directory and generating a form for the output, and finally deleting the new record.
![]() |
To add a new record: |
<!--- add a new record (Joe Smith) ---> <CFLDAP SERVER="myserver" USERNAME="uid=kvaughan, ou=People, o=airius.com" PASSWORD="bribery" ACTION="ADD" ATTRIBUTES="objectclass=top, person, organizationalPerson inetOrgPerson; cn=Joe Smith; sn=Smith; mail=jSmith@airius.com; telephonenumber=+1 408 555 2128; ou=Human Resources" DN="uid=jSmith, ou=People, o=airius.com"> <!--- query the LDAP server ---> <CFLDAP Name="AriusList" SERVER="myserver" ACTION="QUERY" ATTRIBUTES="cn,mail,telephonenumber" SCOPE="SUBTREE" FILTER="ou=Human Resources" SORT="cn ASC" START="o=airius.com"> <!--- generate a form page for query output ---> <H3> Human Resources Directory for Arius</H3> <CFFORM ACTION="ariusform_action.cfm"> <CFGRID NAME="ariusgrid" width="350" query="AriusList" insert="No" delete="No" sort="no" bold="No" italic="No" appendkey="No" highlighthref="No" griddataalign="LEFT" gridlines="no" rowheaders="no" rowheaderalign="LEFT" rowheaderitalic="No" rowheaderbold="No" colheaders="yes" colheaderalign="LEFT" colheaderitalic="No" colheaderbold="yes" selectmode="BROWSE" picturebar="no"> <CFGRIDCOLUMN NAME="cn" HEADER="Name"> <CFGRIDCOLUMN NAME="mail" HEADER="eMail Address"> <CFGRIDCOLUMN NAME="telephonenumber" HEADER="Phone"> </CFGRID><BR> </CFFORM> <!---delete record ---> <CFLDAP SERVER="myserver" USERNAME="uid=kvaughan, ou=People, o=airius.com" PASSWORD="bribery" ACTION="DELETE" DN="uid=jSmith, ou=People, o=airius.com">
myserver
to a valid LDAP server.
uid
to a valid user id.
ldapadd.cfm
and view it in your browser.
![]() |
To modify a record by adding an attribute: |
This example illustrates modifying a record by adding an attribute value to the existing values. This is a necessary step to overcome the limitations of the MODIFY attribute.
<!--- modify a record, preserving other existing attributes ---> <!--- You must include the existing attribute values plus the new one you want to add. In this case we are adding a unique member gfarmer to the Accounting Managers. If we did not include the existing the existing unique members scarter and tmorris then they would no longer be unique members. The modify really is doing a replace on this attribute. For the next release of ColdFusion we will provide an option to just update the attribute. Multiple values for a single attribute are separated by a comma. If a single attribute value contains a comma you must escape it by adding an extra comma. For example the uniquemember value uid=scarter,ou=groups, o=airius.com must be entered as uid=scarter,,ou=groups,, o=airius.com Be careful when you do this modify or you can remove attribute values you did not intend to! ---> <!--- ATTRIBUTES="uniquemember=uid=scarter,,ou=People,,o=airius.com, uid=tmorris,,ou=People,,o=airius.com, uid=gfarmer,,ou=People,,o=airius.com" ---> <CFLDAP SERVER="myserver" ACTION="Modify" USERNAME="uid=kvaughan, ou=People, o=airius.com" PASSWORD="bribery" ATTRIBUTES="uniquemember=uid=scarter,,ou=People,,o=airius.com, uid=tmorris,,ou=People,,o=airius.com, id=gfarmer,,ou=People,,o=airius.com" DN="cn=Accounting Managers, ou=groups; o=airius.com">
myserver
to a valid LDAP server.
uid
to a valid user id.
ldapaddattr.cfm
and view it in your browser.
![]() |
To insert or update an entry: |
<!--- If the update parameter is sent then run this update ---> <!--- If the insert parameter is sent then run this insert ---> <CFIF IsDefined(rename_dn)> <CFLDAP Name="CustomerRename" SERVER="myserver" USERNAME="cn=Directory Manager, o=Ace Industry, c=US" PASSWORD="testldap" ACTION="MODIFYDN" ATTRIBUTES=#new_dn# DN=#rename_dn#> <CFELSE> <CFIF IsDefined(dn)> <CFSET #UPDATE_ATTRS#=#mailtag# & #email# & ";" & #phonetag# & #Phone#> <CFLDAP Name="CustomerModify" SERVER="myserver" USERNAME="cn=Directory Manager, o=Ace Industry, c=US" PASSWORD="testldap" ACTION="MODIFY" ATTRIBUTES=#UPDATE_ATTRS# DN=#dn#> <CFELSE> <!--- If the insert parameter is sent then run this insert ---> <CFIF IsDefined(Distinguished_Name)> <CFSET #ADD_ATTRS# = "objectclass=top, person,organizationalPerson,inetOrgPerson;" & #fullnametag# & #Fullname# & ";" & #surnametag# & #Surname# & ";" & #mailtag# & #Email# & ";" & #phonetag# & #Phone#> <CFLDAP Name="CustomerAdd" SERVER="myserver" USERNAME="cn=Directory Manager, o=Ace Industry, c=US" PASSWORD="testldap" ACTION="Add" ATTRIBUTES=#ADD_ATTRS# DN=#Distinguished_Name#> </CFIF> </CFIF> </CFIF> <!--- Use CFLDAP to retrieve the common name and distinguished name for all employees that have a surname that contains ens and a common name that is > K. Search starts in the country US and organization Ace Industry.---> <CFLDAP Name="EntryList" SERVER="myserver" ACTION="Query" ATTRIBUTES="dn,cn, sn" SCOPE="SUBTREE" SORT="sn ASC" FILTER="(&(sn=*ens*)(cn>=K))" START="o=Ace Industry, c=US" MAXROWS=50 TIMEOUT=30> <HTML> <HEAD> <TITLE>LDAP Directory Example</TITLE> </HEAD> <P>To modify the attributes of an entry, select the entry and click the <B>Update</B> button. To create a new entry, click the <B>Add</B> button. <CFFORM NAME="MyForm" ACTION="ldap_update.cfm" TARGET="Lower"> <CFSELECT NAME="dn" SIZE="5" REQUIRED="Yes" QUERY="EntryList" Value="dn" Display="cn"> </CFSELECT> <INPUT TYPE="Submit" VALUE="Update..."> </CFFORM> <FORM ACTION="ldap_add.cfm" METHOD="Post" TARGET="Lower"> <INPUT TYPE="Submit" VALUE="Add..."> </FORM> </BODY> </HTML>
myserver
to a valid LDAP server.
uid
to a valid user id.
ldapchangeattr.cfm
and view it in your browser.
![]() |
To delete an entry: |
<!--- If the delete parameter is sent then run this update ---> <CFIF IsDefined(dn)> <CFLDAP Name="LDAPDelete" SERVER="myserver" USERNAME="cn=Directory Manager, o=Ace Industry, c=US" PASSWORD="testldap" ACTION="Delete" DN=#dn#> </CFIF> <!--- Use CFLDAP to retrieve the common name and distinguished name for all employees that have a surname that contains ens and a common name that is > K. Search starts in the country US and organization Ace Industry. ---> <CFLDAP Name="EntryList" SERVER="myserver" ACTION="Query" ATTRIBUTES="dn,cn, sn" SCOPE="SUBTREE" SORT="cn ASC" FILTER="(cn>=A)" START="o=Ace Industry, c=US" TIMEOUT=30>
myserver
to a valid LDAP server.
uid
to a valid user id.
ldapdeleteattr.cfm
and view it in your browser.
An example of building and searching a Verity collection from LDAP data can be found in "Indexing CFLDAP Query Results".