A lightweight wrapper for ldapjs for CRUD actions and some more.
Install it via npm
npm install ldapcrud
First of all, install and require ldapcrud module in your script and create new instance of LDAPCRUD class with your config;
const LDAPCRUD = require('ldapcrud');
let config = {
clientOptions: {
url: 'ldaps://your-ldap-url',
tlsOptions: {
rejectUnauthorized: false
}
},
baseDN: 'OU=Customers,DC=Company,DC=local',
userDN: 'CN=serviceadmin,OU=Customers,DC=Company,DC=local',
password: 'secret',
attributes: [
'sAMAccountName',
'mail',
'sn',
'givenName'
],
defaultFilter: '(mail=*@*)',
suffix: '@Company.local',
model: {
'sAMAccountName': 'ldap',
'mail': 'email',
'sn': 'name.last',
'givenName': 'name.first'
}
};
let ldap = new LDAPCRUD(config);clientOptionsobject - options for ldapjs client creation. See morebaseDNstring - DN where search users.userDNstring - Admin User DN, that can performs operations against the LDAP server.passwordstring - Admin User password.attributesArray - Array of properties to selectdefaultFilterstring - LDAP Filter stringsuffixstring - User model suffixmodelobject - relation LDAP properties to your custom User model, where keys are LDAP properties and values are yours User model fields.
Convert LDAP User model to yours format or vice versa.
model param of config is required. Also you can use flatten module, if
you have nested user object
let user = flatten({
name: {
first: 'John',
last: 'Doe'
},
email: 'johndoe@mail.com'
});
let ldapModel = ldap.convertModel(user, true);
// ldapModel === {
// sn: 'Doe',
// givenName: 'John',
// mail: 'johndoe@mail.com'
// }- object data (JS object)
- boolean [toLdapModel] (if true convert Node model to LDAP, else LDAP to Node)
- object result model
Create LDAP client
ldap.createClient((err, client) => {
// Handle error and do something
});- string [dn] (custom User DN for bind)
- string [password] (custom password for bind)
- function callback (callback(err, client))
LDAP Authentication
let dn = '(sAMAccountName=username)';
let pwd = 'secret';
ldap.authenticate(dn, pwd, (err, auth) => {
if (err) return console.error(err);
console.log('Authorize:', (auth) ? 'success' : 'failed');
});- string dn (User DN for bind)
- string password (bind password)
- function callback (callback(err, auth))
- interrupt executing on error
Create entry in LDAP by provided entry properties.
displayName,cn,nameproperties generetes fromsnandgivenName.dn / distinguishedNamegeneretes bycn, provideddnproperty andbaseDNproperty of configuserPrincipalNameconcatenates from providedsAMAccountNameproperty andsuffixproperty of config
let entry = {
sn: 'User',
givenName: 'Test',
sAMAccountName: 'testUser',
mail: 'testUser@mail.com',
};
ldap.create(entry, (err) => {
// Handle error and do something
});- object entry (user data)
- function callback (callback)
- execute callback with error
Read entries in LDAP.
findUsers is alias for read
ldap.read({
filter: '(sAMAccountName=username)'
}, (err, users) => {
// Handle error and do something
});- object [options] (search options)
- function callback (callback)
Update user
Change password in Active Directory
function encodePassword(password) {
return new Buffer('"' + password + '"', 'utf16le').toString();
}
let pwd = 'secret';
let attrs = [
{
type: 'replace',
attr: 'unicodePwd',
value: encodePassword(pwd)
},
{
type: 'replace',
attr: 'userAccountControl',
value: '66048'
}
];
ldap.update('(sAMAccountName=username)', attrs, (err) => {
// Handle error and do something
});- string filter (LDAP search filter)
- Array changedAttrs (array of objects attributes to change)
- function callback (callback(err))
- execute callback with error
Delete user
ldap.delete('(sAMAccountName=username)', (err) => {
// Handle error and do something
});- string filter (LDAP search filter)
- function callback (callback(err))
- execute callback with error
Move user to other DN. Work in progress! Not tested!
- string filter (LDAP search filter)
- string newDN (new DN for user without cn)
- function callback (callback(err))
- execute callback with error