-
-
Cleans sAMAccountName
Parameters:
Name |
Type |
Description |
sAMA |
string
|
|
Returns:
string
- sAMAccountName
-
-
Converts the ActiveDirectory / LDAP fields whenCreated & whenChanged to JS dates
Parameters:
Name |
Type |
Description |
date |
string
|
|
Returns:
Date
- ISO formatted date
-
-
Creates a standard user object from ldapjs entry response
Parameters:
Name |
Type |
Description |
entry |
object
|
This is an entry returned from loginAdUser |
Returns:
object
- User object { groups: Array, phone: string, name: string, mail: string, guid: string }
-
-
Detects what type of account name this is or defaults to userLogonName
Parameters:
Name |
Type |
Description |
username |
string
|
The user name being used to bind |
Returns:
string
- Returns userPrincipalName || distinguishedName || sAMAccountName
-
-
Turns AD bind errors into friendlier error messages
Parameters:
Name |
Type |
Description |
error |
string
|
Error returned from ldapjs / AD when attempting to bing |
Returns:
string
- Error explanation string
-
-
Resolves AD group membership
Parameters:
Name |
Type |
Description |
entry |
object
|
This is an entry returned from loginAdUser |
Returns:
Array.<string>
- An array of string group names
-
-
Locates objectGUID and then formats it
Parameters:
Name |
Type |
Description |
entry |
object
|
This is an entry returned from loginAdUser |
Returns:
string
- Formated GUID string
-
-
Performs a bind on the client passed in
Parameters:
Name |
Type |
Description |
client |
ldap.Client
|
LDAPjs client obj |
username |
string
|
Username to bind with |
password |
string
|
Password to bind with |
Throws:
-
If username or password are not a string
-
-
Type
-
Error
Returns:
Promise
- Resolvs with LDAPjs response
-
-
Performs a search on a client
Parameters:
Name |
Type |
Description |
client |
ldap.Client
|
LDAPjs client obj |
base |
string
|
The base to perform the search on |
search |
object
|
The search options to use |
-
async getAllGroups(username, password, customBaseopt, detailed) → {Promise.<object>}
-
Attempts to get all groups from AD that the user has permissions to read and match filter.
Parameters:
Name |
Type |
Attributes |
Description |
username |
string
|
|
This must be the UPN |
password |
string
|
|
The users password |
customBase |
string
|
<optional>
|
Override the default class base, if not passed the class base is used. |
detailed |
boolean
|
|
Indicates if you want the detailed groups objects with name, dn, guid, description, created, and changed values |
Returns:
Promise.<object>
- Promise resolves as an obj { success: true, groups: [string] } || { success: false, message: 'error', error: 'ldapjs error' }
-
async getAllUsers(username, password, customBaseopt, formatted) → {Promise.<object>}
-
Attempts to get all users from AD that the user has permissions to read and match filter.
Parameters:
Name |
Type |
Attributes |
Description |
username |
string
|
|
This must be the UPN |
password |
string
|
|
The users password |
customBase |
string
|
<optional>
|
Override the default class base, if not passed the class base is used. |
formatted |
boolean
|
|
Indicates if you;d like your response formatted as user objects |
Returns:
Promise.<object>
- Promise resolves as an obj { success: true, users: [object] } || { success: false, message: 'error', error: 'ldapjs error' }
-
async loginUser(username, password, customBase, customSearch) → {Promise.<object>}
-
Attempts to authenticate 1 user to AD using their UPN.
If the ldap client has an error a user friendly message is in message and the full error is in error.
Parameters:
Name |
Type |
Description |
username |
string
|
This must be the UPN |
password |
string
|
The users password |
customBase |
string
|
Override the default class base, if not passed the class base is used. |
customSearch |
string
|
A custom search string, e.g. (userPrincipalName=test@domain.local) |
Returns:
Promise.<object>
- Promise resolves as an obj { success: true, entry: {} || undefined } || { success: false, message: 'error', error: 'ldapjs error' }