new PooledLdapConnection(url, bindDn, bindCredential, tlsOptionsopt)
- Source:
Create a new connection pool bound to the LDAP server described by the provided URL.
Parameters:
| Name | Type | Attributes | Default | Description |
|---|---|---|---|---|
url |
String | ldap:// or ldaps:// URL to the target host |
||
bindDn |
String | DN or username of the user to perform an initial bind |
||
bindCredential |
String | Password for the initial bind |
||
tlsOptions |
Object |
<optional> |
null
|
If using LDAPS, provide a standard Node.js tlsOptions object |
Methods
acquire() → {Promise}
- Source:
Get an LDAP connection from the pool, and if necessary, creating a new connection.
Returns:
Resolved with a connection from the pool
- Type
- Promise
add(dn, attributes, controls) → {Promise}
- Source:
Add an entry to the LDAP directory.
Parameters:
| Name | Type | Description |
|---|---|---|
dn |
String | Distinguished name for the new entry |
attributes |
Object | Key/values for the new attributes |
controls |
Control | Array.<Control> | Optional LDAP controls to decorate the request |
Returns:
Resolved when add is complete
- Type
- Promise
changeCredential(dn, credential, attributeNameopt, encodingTypeopt) → {Promise}
- Source:
Change the password credential on an existing account in the LDAP directory.
Parameters:
| Name | Type | Attributes | Default | Description |
|---|---|---|---|---|
dn |
String | Distinguished name for the existing account |
||
credential |
String | New credential to assign |
||
attributeName |
String |
<optional> |
userPassword
|
Optionally, specify the name of the password attribute in the directory (for example, Active Directory requires password writes on the unicodePwd attribute) |
encodingType |
String |
<optional> |
null
|
Optionally, specify special encoding that the LDAP may require (for example 'msad' for Active Directory) |
Returns:
Resolved when the change is complete
- Type
- Promise
compare(dn, attribute, value, controls) → {Promise}
- Source:
Compare an entry in the LDAP with the given attribute and value
Parameters:
| Name | Type | Description |
|---|---|---|
dn |
String | Distinguished name for the new entry |
attribute |
String | Name of the attribute to compare |
value |
any | Value to be compared |
controls |
Control | Array.<Control> | Optional LDAP controls to decorate the request |
Returns:
Resolved with result of the comparison
- Type
- Promise
delete(dn, controls) → {Promise}
- Source:
Delete an existing entry from the LDAP directory.
Parameters:
| Name | Type | Description |
|---|---|---|
dn |
String | Distinguished name for the existing entry |
controls |
Control | Array.<Control> | Optional LDAP controls to decorate the request |
Returns:
Resolved when the delete is complete
- Type
- Promise
encodeCredential(credential, encodingTypeopt) → {String}
- Source:
Given a plain credential, perform a specical encoding process to prepare the credential to be added to the directory. Defaults to doing nothing and passes the credential back as it was received.
Most LDAPs will not require anything special. As a peculiar example, Microsoft AD requires a new credential to be UTF16LE encoded and surrounded in double quotes. You can request this encoding to be applied by specifying 'msad' for the encodingType parameter.
Example
Encode a password for Active Directory
encodeCredential('newpw', 'msad')Parameters:
| Name | Type | Attributes | Default | Description |
|---|---|---|---|---|
credential |
String | New credential to encode |
||
encodingType |
String | function |
<optional> |
null
|
Identifier of an alternate encoding to apply, or a function if you want to provide your own |
Returns:
Encoded credential, or nothing if there was no encoding specified
- Type
- String
getPoolStatistics() → {Object}
- Source:
Get the latest statistics from the pool regarding available and used connections. See pool2 documentation for more information on what this returns.
Returns:
- Type
- Object
isCredentialFailedError(error)
- Source:
Utility function to try and identify if an error object returned by Ldapjs when a credential bind indicates that the password itself was incorrect. First checks for code 49, and if that does not work then looks for known error messages from certain directory types.
Parameters:
| Name | Type | Description |
|---|---|---|
error |
Error | The error that was thrown |
modify(dn, changes, controls) → {Promise}
- Source:
Perform a modification on an existing entry in the LDAP directory.
Parameters:
| Name | Type | Description |
|---|---|---|
dn |
String | Distinguished name for the existing entry |
changes |
Change | Array.<Change> | One or more Ldapjs change objects defining which attributes are changed |
controls |
Control | Array.<Control> | Optional LDAP controls to decorate the request |
Returns:
Resolved when the modification is complete
- Type
- Promise
modifySimple(dn, …operations) → {Promise}
- Source:
Different method of making a modification on an existing entry in the LDAP directory by allowing the specifying of operations and attribute name/value pairs as function args. This promotes very high readability of the function call, and automates much of the low-level object creation required by Ldapjs.
Example
modifySimple(
'cn=something,dc=somehost,dc=somedomain',
'replace, 'displayName', 'John Doe')Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
dn |
String | Distinguished name for the existing entry |
|
operations |
String |
<repeatable> |
Specify operations in 3-argument pairs: the operation, attribute name, and the value |
Returns:
Resolved when the modification is complete
- Type
- Promise
search(baseDn, filter, attributesopt, scopeopt) → {Promise}
- Source:
Search the LDAP directory for one or more entries based on the criteria provided in the function arguments.
Example
search('ou=People,dc=somehost,dc=somedomain', '(cn=someid)')Parameters:
| Name | Type | Attributes | Default | Description |
|---|---|---|---|---|
baseDn |
String | The entry where the search should begin |
||
filter |
String | Attribute filter expression to limit results |
||
attributes |
Array.<String> |
<optional> |
[]
|
Array of attributes to return (defaults to all) |
scope |
String |
<optional> |
'one'
|
Search scope expressed as base|one|sub |
Returns:
Resolved with array of entries found
- Type
- Promise
shutdown() → {Promise}
- Source:
Shutdown this connection pool and cleanup all open connections.
Returns:
Resolved when the pool has disposed all of its resources
- Type
- Promise
testCredential(dn, credential) → {Promise}
- Source:
Utility function to QA a credential by attempting to perform a simple bind. The LDAP connection is always disposed after binding because it is less complicated to get a new one from the pool than constantly rebinding connections.
Parameters:
| Name | Type | Description |
|---|---|---|
dn |
String | Distinguished name for the account to test |
credential |
String | Credential/secret for the named account |
Throws:
-
If the error returned from the directory appears to indicate credential failed
- Type
- Errors.CredentialValidationFailed
Returns:
Resolved with true if the authentication passed, or rejected if not
- Type
- Promise
withConnection(disposeopt) → {Promise}
- Source:
Utility function to automatically acquire a connection from the pool, execute a custom callback, and then ensure the connection is returned back to the pool (or optionally removed from the pool through disposal)
Parameters:
| Name | Type | Attributes | Default | Description |
|---|---|---|---|---|
dispose |
Boolean |
<optional> |
false
|
If true, the connection should be disposed instead of returned back to the pool |
Returns:
Resolved when entire operation is complete
- Type
- Promise