ldapauth-fork InvalidCredentialsError [英] ldapauth-fork InvalidCredentialsError

问题描述

我正在尝试使用ldapauth-fork对LDAP进行用户身份验证.我在使用LDAP Admin帐户时遇到问题，虽然我知道这是正确的并且可以在LDAP浏览器上正常工作，但是我无法使其与ldapauth-fork一起使用.

I am trying to authenticate user against LDAP by using ldapauth-fork. I am having a problem with LDAP Admin account, while I know that it is right and works fine with LDAP browser but I am not able to make it work with ldapauth-fork.

var basicAuth = require('basic-auth');
  var LdapAuth = require('ldapauth-fork');
  var username= 'usernameToSearch';
  var password= 'userPassword';

  var ldap = new LdapAuth({
    url: 'ldap://......',
    bindDN: 'sAMAccountName=AdminName,OU=Domian,DC=domain,DC=local',
   bindCredentials: 'AdminPassword',
    searchBase: 'OU=Domain,DC=domian,DC=local',
    searchFilter: '(sAMAccountName={{' + username + '}})',
    reconnect: true
  });

  ldap.authenticate(username, password, function (err, user) {
    if (err) {
      console.log(err);
      res.send({
        success: false,
        message: 'authentication failed'
      });
    } else if (!user.uid) {
      console.log("user not found Error");
      res.send({
        success: false,
        message: 'authentication failed'
      });
    } else if (user.uid) {
      console.log("success : user " + user.uid + " found ");
    }
  });

这是正在得到的错误

InvalidCredentialsError:80090308:LdapErr:DSID-0C09042F，注释: AcceptSecurityContext错误，数据52e，v2580

InvalidCredentialsError: 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580

lde_message:'80090308:LdapErr:DSID-0C09042F，注释: AcceptSecurityContext错误，数据52e，v2580 \ u0000'，lde_dn:空

lde_message: '80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580\u0000', lde_dn: null

感谢您的帮助.

推荐答案

尝试使用 activedirectory2 超过npm的库，我尝试使用ldapauth-form，但可以成功获得结果

Try using the activedirectory2 library over npm, I tried with ldapauth-form but could get a successful result

它具有许多完成工作的功能，例如

It has a number of functions to get work done such as

• 验证
• findUser

配置代码

const AD = require('activedirectory2').promiseWrapper;
const config = { url: 'ldap://dc.domain.com',
           baseDN: 'dc=domain,dc=com',
           username: 'username@domain.com',
           password: 'password' }
const ad = new AD(config);

用于#authenticate

for #authenticate

var ad = new ActiveDirectory(config);
var username = 'john.smith@domain.com';
var password = 'password';

ad.authenticate(username, password, function(err, auth) {
 if (err) {
   console.log('ERROR: '+JSON.stringify(err));
   return;
 }

if (auth) {
 console.log('Authenticated!');
}
else {
 console.log('Authentication failed!');
}
});

与#finduser类似

similarly for #finduser

// Any of the following username types can be searched on
var sAMAccountName = 'username';
var userPrincipalName = 'username@domain.com';
var dn = 'CN=Smith\\, John,OU=Users,DC=domain,DC=com';

// Find user by a sAMAccountName
var ad = new ActiveDirectory(config);
ad.findUser(sAMAccountName, function(err, user) {
if (err) {
 console.log('ERROR: ' +JSON.stringify(err));
 return;
}

if (! user) console.log('User: ' + sAMAccountName + ' not found.');
 else console.log(JSON.stringify(user));
});

这篇关于ldapauth-fork InvalidCredentialsError的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！