Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
This is a simple wrapper around ldapjs for basic operations against an Active Directory instance. If you're looking for a robust interface, you may be interested in activedirectory2.
What can you do with adldap
?
This library was written because activedirectory2
pulls back too much data
when retreiving groups. I merely need the list of names; activedirectory2
pulls back much more information than that.
If I ever get the time and desire, I may flesh out this library more. Pull requests are always welcome.
const adldapFactory = require('adldap')()
const client = adldapFactory({
searchUser: 'dn=Generic Searcher,ou=accounts,dn=example,dn=com',
searchUserPass: 'supersecret',
ldapjs: {
url: 'ldaps://ad.example.com',
searchBase: 'dn=example,dn=com',
scope: 'sub'
}
})
// You must bind before you can do anything else.
client.bind()
.then(() => {
client.findUser('someUser')
.then((user) => console.log(user.memberOf))
.catch((err) => console.error(err))
.then(() => client.unbind())
})
.catch((err) => console.error(err))
You could also "flatten" the code via Bluebird and bluebird-co:
const Promise = require('bluebird')
require('bluebird-co')
function * doItGenerator () {
try {
yield client.bind()
const user = yield client.findUser('someUser')
console.log(user.memberOf)
yield client.unbind()
} catch (e) {
console.error(e.message)
}
}
const doIt = Promise.coroutine(doItGenerator)
doIt()
searchUser
: A fully qualified DN to a user that can perform searches against
your Active Directory.searchUserPass
: The search user's password, obviously.ldapjs
url
: The URL to your Active Directory in LDAP format.searchBase
: Default search base to use for all searches unless overridden
by a method's options.scope
: The default search scope to use for all searches unless overridden
by a method's options. Can be 'base', 'one', or 'sub'. Defaults to 'base'.
(optional)attributes
: An array of default attributes to return with searches.
The default list is ['dn', 'cn', 'sn', 'givenName', 'mail', 'memberOf']
.
If overridden by a method, you must supply the complete list of attributes
you want. (optional)The full documentation is included in the api.md document.
authenticate(username, password)
bind()
findUser(username, options)
search(base, options, controls)
unbind()
userInGroup(username, groupName)
replace(dn, change)
replaceAttribute(cn, attribute, value)
incrementAttribute(cn, attribute)
FAQs
A light weight interface to Active Directory based on LDAPjs
The npm package adldap receives a total of 22 weekly downloads. As such, adldap popularity was classified as not popular.
We found that adldap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.