[jesseplace]

I am writing an ASP script to have users authenticate against LDAP. The code below works to say whether they've entered a validated username and password (the script returns true or false) but I can't get the actual cn or any other ldap field from the recordset.

When I try to return oRS.Fields("cn").Value in the script below it is empty.

Where'd I go wrong here?

<%
strUser ="jsmith"
strPassword = "jsmith25"


strQuery = "SELECT cn, mail FROM 'LDAP://" & "MYDOMAIN" & "' WHERE objectClass='*' "
set oConn = server.CreateObject("ADODB.Connection")
oConn.Provider = "ADsDSOOBJECT"
oConn.Properties("User ID") = strUser
oConn.Properties("Password") = strPassword
oConn.Properties("Encrypt Password") = true
oConn.open "DS Query", strUser, strPassword

set cmd = server.CreateObject("ADODB.Command")
set cmd.ActiveConnection = oConn
cmd.CommandText = strQuery
on error resume next

set oRS = cmd.Execute

if oRS.bof or oRS.eof then

AuthenticateUser = false
Response.Write("FALSE")
else
AuthenticateUser = true
Response.Write("TRUE")

str_cn = oRS.Fields("cn").Value
Response.Write(str_cn)

end if

set oRS = nothing
set oConn = nothing
%>

[Doug G]

Take out the 'on error resume next' statement and you'll probably see an error message next time you run the page.

[jesseplace]

Removing "on error resume next" will return an error if an invalid username and password is passed, but no error and still no value for oRS.Fields("cn").Value if there is a valid username and password.