Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
ldapjs is a pure JavaScript, from-scratch framework for implementing LDAP clients and servers in Node.js. It is designed to be simple, extensible, and robust, making it suitable for a wide range of LDAP-related tasks.
Creating an LDAP Client
This feature allows you to create an LDAP client and bind to an LDAP server. The code sample demonstrates how to connect to an LDAP server running on localhost and bind using a distinguished name (DN) and password.
const ldap = require('ldapjs');
const client = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
client.bind('cn=root', 'secret', (err) => {
if (err) {
console.error('Error binding to LDAP server:', err);
} else {
console.log('Successfully bound to LDAP server');
}
});
Searching the LDAP Directory
This feature allows you to search the LDAP directory. The code sample demonstrates how to perform a search for entries with the surname 'Smith' and retrieve their distinguished names, surnames, and common names.
const ldap = require('ldapjs');
const client = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
client.bind('cn=root', 'secret', (err) => {
if (err) {
console.error('Error binding to LDAP server:', err);
return;
}
const opts = {
filter: '(sn=Smith)',
scope: 'sub',
attributes: ['dn', 'sn', 'cn']
};
client.search('o=example', opts, (err, res) => {
if (err) {
console.error('Error searching LDAP directory:', err);
return;
}
res.on('searchEntry', (entry) => {
console.log('Entry:', entry.object);
});
res.on('searchReference', (referral) => {
console.log('Referral:', referral.uris.join());
});
res.on('error', (err) => {
console.error('Search error:', err);
});
res.on('end', (result) => {
console.log('Search result:', result);
});
});
});
Adding an Entry to the LDAP Directory
This feature allows you to add an entry to the LDAP directory. The code sample demonstrates how to add a new entry with common name 'John Doe', surname 'Doe', and email 'john.doe@example.com' to the directory.
const ldap = require('ldapjs');
const client = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
client.bind('cn=root', 'secret', (err) => {
if (err) {
console.error('Error binding to LDAP server:', err);
return;
}
const entry = {
cn: 'John Doe',
sn: 'Doe',
email: 'john.doe@example.com',
objectclass: 'inetOrgPerson'
};
client.add('cn=John Doe, o=example', entry, (err) => {
if (err) {
console.error('Error adding entry to LDAP directory:', err);
} else {
console.log('Entry added successfully');
}
});
});
Modifying an Entry in the LDAP Directory
This feature allows you to modify an entry in the LDAP directory. The code sample demonstrates how to replace the email attribute of an existing entry with a new email address.
const ldap = require('ldapjs');
const client = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
client.bind('cn=root', 'secret', (err) => {
if (err) {
console.error('Error binding to LDAP server:', err);
return;
}
const change = new ldap.Change({
operation: 'replace',
modification: {
email: 'john.new@example.com'
}
});
client.modify('cn=John Doe, o=example', change, (err) => {
if (err) {
console.error('Error modifying entry in LDAP directory:', err);
} else {
console.log('Entry modified successfully');
}
});
});
Deleting an Entry from the LDAP Directory
This feature allows you to delete an entry from the LDAP directory. The code sample demonstrates how to delete an entry with the distinguished name 'cn=John Doe, o=example' from the directory.
const ldap = require('ldapjs');
const client = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
client.bind('cn=root', 'secret', (err) => {
if (err) {
console.error('Error binding to LDAP server:', err);
return;
}
client.del('cn=John Doe, o=example', (err) => {
if (err) {
console.error('Error deleting entry from LDAP directory:', err);
} else {
console.log('Entry deleted successfully');
}
});
});
The 'activedirectory' package is a simple Node.js library for Active Directory LDAP integration. It provides a higher-level abstraction over LDAP operations, making it easier to work with Active Directory. Compared to ldapjs, it is more specialized for Active Directory environments and offers simpler interfaces for common tasks like user authentication and group membership checks.
The 'ldapauth-fork' package is a Node.js library for authenticating users against an LDAP server. It is a fork of the original 'ldapauth' package and provides a straightforward way to authenticate users. Compared to ldapjs, it is more focused on authentication and less on general LDAP operations, making it a good choice for applications that primarily need to authenticate users.
LDAPjs makes the LDAP protocol a first class citizen in Node.js.
For full docs, head on over to http://ldapjs.org.
var ldap = require('ldapjs');
var server = ldap.createServer();
server.search('dc=example', function(req, res, next) {
var obj = {
dn: req.dn.toString(),
attributes: {
objectclass: ['organization', 'top'],
o: 'example'
}
};
if (req.filter.matches(obj.attributes))
res.send(obj);
res.end();
});
server.listen(1389, function() {
console.log('ldapjs listening at ' + server.url);
});
To run that, assuming you've got the OpenLDAP client on your system:
ldapsearch -H ldap://localhost:1389 -x -b dc=example objectclass=*
npm install ldapjs
DTrace support is included in ldapjs. To enable it, npm install dtrace-provider
.
MIT.
FAQs
LDAP client and server APIs
The npm package ldapjs receives a total of 167,538 weekly downloads. As such, ldapjs popularity was classified as popular.
We found that ldapjs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.