A lightweight wrapper for ldapjs
for CRUD actions and some more.
Install it via npm
npm install ldapcrud
First, install and require the ldapcrud module in your script, then create a new instance of the LDAPCRUD
class with your config:
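const LDAPCRUD = require('ldapcrud');

// Connection, bind and attribute-mapping settings handed to the LDAPCRUD
// constructor below.
const config = {
  clientOptions: {
    url: 'ldaps://your-ldap-url',
    tlsOptions: {
      // Keep certificate verification enabled. With `rejectUnauthorized: false`
      // the client accepts any certificate, so the bind password configured
      // below is exposed to whoever answers on that address. For a directory
      // signed by a private CA, supply that CA through the `ca` TLS option
      // instead of switching verification off.
      rejectUnauthorized: true
    }
  },
  baseDN: 'OU=Customers,DC=Company,DC=local',
  // This account performs every create/update/delete issued through the
  // wrapper; give it only the directory rights those operations need.
  userDN: 'CN=serviceadmin,OU=Customers,DC=Company,DC=local',
  // Placeholder value. Load the real bind password from the environment or a
  // secret store at runtime rather than committing it to source control.
  password: 'secret',
  attributes: [
    'sAMAccountName',
    'mail',
    'sn',
    'givenName'
  ],
  defaultFilter: '(mail=*@*)',
  suffix: '@Company.local',
  // Keys are LDAP attribute names, values are the matching fields of the
  // application's user model.
  model: {
    'sAMAccountName': 'ldap',
    'mail': 'email',
    'sn': 'name.last',
    'givenName': 'name.first'
  }
};

const ldap = new LDAPCRUD(config);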
- clientOptions: object - options for ldapjs client creation. See more
- baseDN: string - DN under which users are searched.
- userDN: string - Admin User DN that can perform operations against the LDAP server.
- password: string - Admin User password.
- attributes: Array - array of properties to select.
- defaultFilter: string - LDAP filter string.
- suffix: string - User model suffix.
- model: object - relation of LDAP properties to your custom User model, where keys are LDAP properties and values are your User model fields.
Convert an LDAP User model to your format or vice versa.
The model param of config is required. You can also use the flatten
module if you have a nested user object:
// Application-side user with a nested `name` object.
const nestedUser = {
  name: { first: 'John', last: 'Doe' },
  email: '[email protected]'
};

// flatten() presumably collapses the nesting into dotted keys such as
// 'name.first', which is the form the values in config.model use.
const user = flatten(nestedUser);

// The second argument `true` selects the Node -> LDAP direction.
const ldapModel = ldap.convertModel(user, true);
// ldapModel === {
//   sn: 'Doe',
//   givenName: 'John',
//   mail: '[email protected]'
// }
- object data (JS object)
- boolean [toLdapModel] (if true convert Node model to LDAP, else LDAP to Node)
- object result model
Create LDAP client
// No dn/password is passed here, so the optional custom bind credentials are
// omitted; the callback receives (err, client).
ldap.createClient(function (err, client) {
  // Handle error and do something
});
- string [dn] (custom User DN for bind)
- string [password] (custom password for bind)
- function callback (callback(err, client))
LDAP Authentication
// NOTE(review): the value is written as a search filter although the variable
// is called `dn`; confirm which form authenticate() expects. If the username
// part comes from user input, escape LDAP filter metacharacters
// (`*`, `(`, `)`, `\`, NUL) before placing it in the filter.
const dn = '(sAMAccountName=username)';
// NOTE(review): reject empty passwords before calling authenticate(); many
// directory servers treat a simple bind with an empty password as an
// anonymous bind and report success. Confirm whether the library guards this.
const pwd = 'secret';

ldap.authenticate(dn, pwd, function (err, auth) {
  if (err) {
    return console.error(err);
  }
  const outcome = auth ? 'success' : 'failed';
  console.log('Authorize:', outcome);
});
- string dn (User DN for bind)
- string password (bind password)
- function callback (callback(err, auth))
- interrupt executing on error
Create an entry in LDAP from the provided entry properties.
- displayName, cn, name properties are generated from sn and givenName.
- dn / distinguishedName is generated from cn, the provided dn property and the baseDN property of config.
- userPrincipalName is concatenated from the provided sAMAccountName property and the suffix property of config.
// Attributes supplied by the caller for the new directory entry.
const entry = {
  sn: 'User',
  givenName: 'Test',
  sAMAccountName: 'testUser',
  mail: '[email protected]',
};

// The callback receives an error argument when creation fails.
ldap.create(entry, function (err) {
  // Handle error and do something
});
- object entry (user data)
- function callback (callback)
- execute callback with error
Read entries in LDAP.
findUsers
is alias for read
// NOTE(review): when the username is taken from user input, escape LDAP
// filter metacharacters (`*`, `(`, `)`, `\`, NUL) before building the filter,
// otherwise the caller can widen or change the search.
const searchOptions = { filter: '(sAMAccountName=username)' };

ldap.read(searchOptions, function (err, users) {
  // Handle error and do something
});
- object [options] (search options)
- function callback (callback)
Update user
Change password in Active Directory
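/**
 * Wrap a password in double quotes, encode it as UTF-16LE and return the
 * encoded bytes decoded back into a string, for use as a `unicodePwd` value.
 *
 * @param {string} password - Plain-text password.
 * @returns {string} The quoted password's UTF-16LE bytes read as UTF-8.
 */
function encodePassword(password) {
  // Buffer.from() replaces the deprecated `new Buffer()` constructor; for a
  // string argument it produces the same bytes.
  const encoded = Buffer.from('"' + password + '"', 'utf16le');
  // NOTE(review): toString() decodes the UTF-16LE bytes as UTF-8. ASCII
  // characters survive as "<char>\0" pairs, but any character whose UTF-16
  // bytes are not valid UTF-8 is replaced with U+FFFD, so non-ASCII passwords
  // are silently altered. Passing the Buffer itself would avoid this if the
  // library accepts Buffer attribute values; confirm before changing the
  // return type.
  return encoded.toString();
}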
// Placeholder; in real use the new password comes from the caller, not source.
const pwd = 'secret';

// Build one 'replace' modification (property order: type, attr, value).
const replaceAttr = (attr, value) => ({ type: 'replace', attr, value });

const attrs = [
  // Active Directory only accepts unicodePwd writes over an encrypted
  // connection, so server-certificate verification on the ldaps:// session
  // matters for this call.
  replaceAttr('unicodePwd', encodePassword(pwd)),
  // 66048 = 0x10200 = NORMAL_ACCOUNT (0x200) | DONT_EXPIRE_PASSWORD (0x10000):
  // the account is enabled and its password never expires. Use '512' to keep
  // the domain's password-expiry policy in force.
  replaceAttr('userAccountControl', '66048')
];

ldap.update('(sAMAccountName=username)', attrs, function (err) {
  // Handle error and do something
});
- string filter (LDAP search filter)
- Array changedAttrs (array of objects attributes to change)
- function callback (callback(err))
- execute callback with error
Delete user
// NOTE(review): the target is selected by a search filter, not a DN. Confirm
// how the library treats a filter that matches more than one entry, and
// escape any user-supplied value placed in the filter.
const userFilter = '(sAMAccountName=username)';

ldap.delete(userFilter, function (err) {
  // Handle error and do something
});
- string filter (LDAP search filter)
- function callback (callback(err))
- execute callback with error
Move user to other DN. Work in progress! Not tested!
- string filter (LDAP search filter)
- string newDN (new DN for user without cn)
- function callback (callback(err))
- execute callback with error