Check what is being returned by your <cfldap...> call.
I suspect your ldap call is failing, and the logic is going through the <cfcatch...> block of your code. But that block doesn't do anything but set a variable.
Then your code tries to execute a comparison on data that will only exist if the <cfldap...> call is sucessful.
Thank you for your suggestion, Ian. I placed <cfdump var="cfcatch#> between the <cfcatch></cfcatch> tags but didn't get any further information. Is there another way to do it?
No, if there was anything to catch that would be showing it.
Also put a <cfdump var="#userLookup#"> right after the <cfldap...> tag to see what it is returning if anything.
I would aslo put a <cfabort.> there just to stop any futher processing until I knew what is happening.
That didn't return anything either. I know the user name and password that
I am passing through the form is correct. Is there another way to
accomplish LDAP authentication or am I on the right track with this? I have
been working on this for over 3 weeks, and haven't made any progress.
What do you mean "did not return anything"? Nothing, and empty screen? Or just something you did not expect? It should be returning something, an error and empty structure, strange data, something.
You seem to be doing what I more or less do. The only difference I see is that we often use a ColdFusion user which has been given the desired permissions on the Active Directory Ldap server. But for authentication, we do exactly what you are doing.
<cfldap action="query" server="#variables.ldapConfig.server#" name="qUser" start="#variables.ldapConfig.start#" filter="samaccountname=#getProperty('samaccountname')#" username="#variables.ldapConfig.domain#\#getProperty('samaccountname')#" password="#arguments.password#" attributes = "#variables.ldapConfig.attributes#"> <cfcatch type="application"> <!--- If Authentication failed message is returned, return false ---> <cfif uCase(listFirst(cfcatch.Message,":")) EQ "AUTHENTICATION FAILED"> <cfset returnValue = false> <cfelse> <!--- Else rethrow any other type of exception ---> <cfrethrow> </cfif> </cfcatch> </cftry>
I did just notice that we use a domain\username in the username property not just the username.
Thank you for the tips. The additional <cfcatch> did not return any different information. I am still getting the element RECORDCOUNT is undefined in USERLOOKUP error with 500 - Internal server error: There is a problem with the resource you are looking for, and it cannot be displayed.
If you think the code I provided looks ok, then I will take a look at some of the other files to see if they are causing the error. The ldap.cfm posts to the login_action.cfm so maybe there is something in that one that is causing the problem?