User Guide

Table Of Contents
Querying an LDAP directory 523
Searching and sorting notes
To search for multiple values of a multivalued attribute type, use the & operator to combine
expressions for each attribute value. For example, to search for an entry in which cn=Robert
Jones and cn=Bobby Jones, specify the following filter:
filter="(&(cn=Robert Jones)(cn=Bobby Jones))"
You can use object classes as search filter attributes; for example, you can use the following
search filter:
filter="(objectclass=inetorgperson)"
To specify how query results are sorted, use the sort field to identify the attribute(s) to sort. By
default, ColdFusion returns sorted results in case-sensitive ascending order. To specify
descending order, case-insensitive sorting, or both, use the
sortControl attribute.
ColdFusion requests the LDAP server to do the sorting. This can have the following effects:
The sort order might differ between ColdFusion MX and previous versions.
If you specify sorting and the LDAP server does not support sorting, ColdFusion generates
an error. To sort results from servers that do not support sorting, use a query of queries on
the results.
If you use filter operators to construct sophisticated search criteria, performance might degrade
if the LDAP server is slow to process the synchronous search routines that
cfldap supports.
You can use the
cfldap tag timeout and maxRows attributes to control the apparent
performance of pages that perform queries, by limiting the number of entries and by exiting
the query if the server does not respond in a specified time.
Getting all the attributes of an entry
Typically, you do not use a query that gets all the attributes in an entry. Such a query would return
attributes that are used only by the directory server. However, you can get all the attributes by
specifying attributes="*" in your query.
If you do this, ColdFusion returns the results in a structure in which each element contains a
single attribute name-value pair. The tag does not return a query object. ColdFusion does this
because LDAP directory entries, unlike the rows in a relational table, vary depending on their
object class.
For example, the following code retrieves the contents of the Airius directory:
<cfldap name="GetList"
server=#myServer#
action="query"
attributes="*"
scope="subtree"
start="o=airius.com"
sort="sn,cn">