节点JS LDAPauthentication用户

我正在创build一个login身份validation页面,在那里用户将input活动目录的用户名和密码,并使用NodeJS我会检查,看看是否有效,但我不断

[Error: LDAP Error Bad search filter] 

要么

 [Error: Search returned != 1 results] 

当我试图search用户名和密码时,我的代码如下:

我使用的是: https : //github.com/jeremycx/node-LDAP ,假设用户input了hhill的用户名

  var ldap = require('LDAP'); var ldapServer = new ldap({ uri: 'ldap://batman.lan', version: 3}); ldapServer.open(function(error) { if(error) { throw new Error('Cant not connect'); } else { console.log('---- connected to ldap ----'); username = '(cn='+username+')'; ldapServer.findandbind({ base: 'ou=users,ou=compton,dc=batman,dc=lan', filter: username, password: password }, function(error, data) { if(error){ console.log(error); } else { console.log('---- verified user ----'); } }); } }); 

有没有人有什么我做错了什么build议?

UPDATE

如果有人需要这个解决scheme,请参考下面的答案

  var username = request.param('username'); var password = request.param('password'); var ldap = require('ldapjs'); ldap.Attribute.settings.guid_format = ldap.GUID_FORMAT_B; var client = ldap.createClient({ url: 'ldap://batman.com/cn='+username+', ou=users, ou=compton, dc=batman, dc=com', timeout: 5000, connectTimeout: 10000 }); var opts = { filter: '(&(objectclass=user)(samaccountname='+username+'))', scope: 'sub', attributes: ['objectGUID'] }; console.log('--- going to try to connect user ---'); try { client.bind(username, password, function (error) { if(error){ console.log(error.message); client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}}); } else { console.log('connected'); client.search('ou=users, ou=compton, dc=batman, dc=com', opts, function(error, search) { console.log('Searching.....'); search.on('searchEntry', function(entry) { if(entry.object){ console.log('entry: %j ' + JSON.stringify(entry.object)); } }); search.on('error', function(error) { console.error('error: ' + error.message); }); client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}}); }); } }); } catch(error){ console.log(error); client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}}); } 

在这种情况下,您需要ldapClient而不是ldapServer ,这是来自官方文档的示例代码:

 var ldap = require('ldapjs'); ldap.Attribute.settings.guid_format = ldap.GUID_FORMAT_B; var client = ldap.createClient({ url: 'ldap://127.0.0.1/CN=test,OU=Development,DC=Home' }); var opts = { filter: '(objectclass=user)', scope: 'sub', attributes: ['objectGUID'] }; client.bind('username', 'password', function (err) { client.search('CN=test,OU=Development,DC=Home', opts, function (err, search) { search.on('searchEntry', function (entry) { var user = entry.object; console.log(user.objectGUID); }); }); }); 

@Sukh感谢您发布您的更新解决scheme; 但是,您在UPDATE中发布的代码存在问题。 虽然它适用于简单的情况,但对于较大的查询,您会发现在输出结果之前您将解除绑定。 对我来说,解决scheme是将您的解除绑定到search.on函数中。

这里是你的更新的编辑:

 var ldap = require('ldapjs'); ldap.Attribute.settings.guid_format = ldap.GUID_FORMAT_B; var client = ldap.createClient({ url: 'ldap://batman.com/cn='+username+', ou=users, ou=compton, dc=batman, dc=com', timeout: 5000, connectTimeout: 10000 }); var opts = { filter: '(&(objectclass=user)(samaccountname='+username+'))', scope: 'sub', //attributes: ['objectGUID'] // This attribute list is what broke your solution attributes: ['objectGUID','sAMAccountName','cn','mail','manager','memberOf'] }; console.log('--- going to try to connect user ---'); try { client.bind(username, password, function (error) { if(error){ console.log(error.message); client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}}); } else { console.log('connected'); client.search('ou=users, ou=compton, dc=batman, dc=com', opts, function(error, search) { console.log('Searching.....'); search.on('searchEntry', function(entry) { if(entry.object){ console.log('entry: %j ' + JSON.stringify(entry.object)); } client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}}); }); search.on('error', function(error) { console.error('error: ' + error.message); client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}}); }); // don't do this here //client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}}); }); } }); } catch(error){ console.log(error); client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}}); } 

至less这是我在Active Directorysearch中使用解决scheme时发现的。 memberOf在我的用例中返回了很多条目,而且绑定正在过早完成,所以我得到以下错误:

 error: 1__ldap://my.domain.com/,OU=Employees,OU=Accounts,DC=my,DC=domain,DC=com closed client disconnected