UNPKG

ad-ldap-helper

Version:

A module to authenticate / lookup users with Microsoft Active Directory

65 lines (56 loc) 2.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# AD-LDAP-HELPER --- A module with some helper functions to authenticate a Microsoft Active Directory user or lookup a user's info with a default account. Dependencies: - dotenv - activedirectory2 Requires .env file in root of project with the following environmental variables: - LDAP_URL: Active Directory server to connect to, e.g. ldap://ad.example.com - BASE_DN: The root DN from which all searches will be performed, e.g. dc=example,dc=com - AD_USER: default ad user (hopefully not a real user's account!) - AD_PASSWD: default ad user's password ### Methods loginADUser(username: string, password: string, attributes?: Array<string>): User|null Attempts to authenticate a user with a given sAMAccountName and password. If unsuccessful, it returns null. If successful it returns a user object with: - sAMAccountName - givenName (firstname) - sn (surname) - telephoneNumber - mail (email) - l (location) - ... any attributes included in the optional 3rd argument (an array of strings) getADUserInfo(username: string, attributes?: Array<string>): Promise<User|null> Authenticates with a default user whose sAMAccountName and password are defined in a .env file. If unsuccessful, it returns a Promise rejection with null. If successful it returns a Promise resolve with the user object: - sAMAccountName - givenName (firstname) - sn (surname) - telephoneNumber - mail (email) - l (location) - ... any attributes included in the optional 3rd argument (an array of strings) getADUserGroups(username: string, attributes?: Array<string>): Promise<Array<Group>|null> Authenticates with a default user whose sAMAccountName and password are defined in a .env file. If unsuccessful, it returns a Promise rejection with null. If successful it returns a Promise resolve with the user's groups: [ Group { dn, cn, description, distinguishedName, objectCategory }, ... ] getADUsersForGroup(groupname: string): Promise<Array<User>|null> Authenticates with a default user whose sAMAccountName and password are defined in a .env file. If unsuccessful, it returns a Promise rejection with null. If successful, it returns a Promise resolve with a list of users belonging to the AD group: [ User { sAMAccountName, givenName, sn, mail, l, }, ... ]