ldapauth-fork InvalidCredentialsError [英] ldapauth-fork InvalidCredentialsError
问题描述
我正在尝试使用ldapauth-fork对LDAP进行用户身份验证.我在使用LDAP Admin帐户时遇到问题,虽然我知道这是正确的并且可以在LDAP浏览器上正常工作,但是我无法使其与ldapauth-fork一起使用.
I am trying to authenticate user against LDAP by using ldapauth-fork. I am having a problem with LDAP Admin account, while I know that it is right and works fine with LDAP browser but I am not able to make it work with ldapauth-fork.
var basicAuth = require('basic-auth');
var LdapAuth = require('ldapauth-fork');
var username= 'usernameToSearch';
var password= 'userPassword';
var ldap = new LdapAuth({
url: 'ldap://......',
bindDN: 'sAMAccountName=AdminName,OU=Domian,DC=domain,DC=local',
bindCredentials: 'AdminPassword',
searchBase: 'OU=Domain,DC=domian,DC=local',
searchFilter: '(sAMAccountName={{' + username + '}})',
reconnect: true
});
ldap.authenticate(username, password, function (err, user) {
if (err) {
console.log(err);
res.send({
success: false,
message: 'authentication failed'
});
} else if (!user.uid) {
console.log("user not found Error");
res.send({
success: false,
message: 'authentication failed'
});
} else if (user.uid) {
console.log("success : user " + user.uid + " found ");
}
});
这是正在得到的错误
InvalidCredentialsError:80090308:LdapErr:DSID-0C09042F,注释: AcceptSecurityContext错误,数据52e,v2580
InvalidCredentialsError: 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580
lde_message:'80090308:LdapErr:DSID-0C09042F,注释: AcceptSecurityContext错误,数据52e,v2580 \ u0000',lde_dn:空
lde_message: '80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580\u0000', lde_dn: null
感谢您的帮助.
推荐答案
尝试使用 activedirectory2 超过npm的库,我尝试使用ldapauth-form,但可以成功获得结果
Try using the activedirectory2 library over npm, I tried with ldapauth-form but could get a successful result
它具有许多完成工作的功能,例如
It has a number of functions to get work done such as
- 验证
- findUser
配置代码
const AD = require('activedirectory2').promiseWrapper;
const config = { url: 'ldap://dc.domain.com',
baseDN: 'dc=domain,dc=com',
username: 'username@domain.com',
password: 'password' }
const ad = new AD(config);
用于#authenticate
for #authenticate
var ad = new ActiveDirectory(config);
var username = 'john.smith@domain.com';
var password = 'password';
ad.authenticate(username, password, function(err, auth) {
if (err) {
console.log('ERROR: '+JSON.stringify(err));
return;
}
if (auth) {
console.log('Authenticated!');
}
else {
console.log('Authentication failed!');
}
});
与#finduser类似
similarly for #finduser
// Any of the following username types can be searched on
var sAMAccountName = 'username';
var userPrincipalName = 'username@domain.com';
var dn = 'CN=Smith\\, John,OU=Users,DC=domain,DC=com';
// Find user by a sAMAccountName
var ad = new ActiveDirectory(config);
ad.findUser(sAMAccountName, function(err, user) {
if (err) {
console.log('ERROR: ' +JSON.stringify(err));
return;
}
if (! user) console.log('User: ' + sAMAccountName + ' not found.');
else console.log(JSON.stringify(user));
});
这篇关于ldapauth-fork InvalidCredentialsError的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!