I am using the activedirectory npm package to authenticate against our enterprise Active Directory. I am having trouble authenticating, even though I have done this many times before in other software.
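var ActiveDirectory = require('activedirectory');

// Settings for the service account the package binds as when it searches
// the directory.
var config = {
  // NOTE(review): plain ldap:// on port 389 carries the bind DN and password
  // in cleartext; prefer ldaps:// if the domain controller offers it.
  url: 'ldap://<ldap server>:389',
  baseDN: 'DC=ads,DC=dwdwdw,DC=com',
  bindDN: 'CN=dddd,OU=ServiceAccounts,OU=Process,DC=ads,DC=dwdwdw,DC=com',
  // The service-account password is read from the environment
  // (AD_BIND_PASSWORD is an example name) so it is never committed or pasted
  // along with the script. A password that has already been published
  // should be rotated.
  bindCredentials: process.env.AD_BIND_PASSWORD,
  includeMembership: ['user'],
  referrals: {
    enabled: false,
    excluded: []
  },
  attributes: {
    user: ['sAMAccountName'],
    group: ['distinguishedName']
  },
  //filter: '(&(objectcategory=person)(objectclass=user)(|(samaccountname={{username}})(mail={{mail}})))'
  //filter: '(&(objectcategory=*)(|(samaccountname={{username}})))'
};

// Fail fast instead of attempting a bind with no service-account password.
if (!config.bindCredentials) {
  throw new Error('AD_BIND_PASSWORD is not set');
}

// Client instance; authenticate() below is a method of this object.
var ad = new ActiveDirectory(config);

var sAMAccountName = 'sss';
var password = 'password'; // placeholder test value
// authenticate() performs an LDAP bind with the string it is given. Active
// Directory's simple bind generally expects a DN, a UPN (user@domain) or
// DOMAIN\user, so a bare sAMAccountName is rejected. Either pass one of those
// forms, or resolve the account name to its DN first with the service-account
// connection (the package exposes findUser for that lookup).
var username = sAMAccountName;

// NOTE(review): reject empty passwords before binding; an LDAP simple bind
// with an empty password is an unauthenticated bind that some servers accept.
ad.authenticate(username, password, function (err, auth) {
  if (err) {
    // "data 52e" in the AD error text is the invalid-credentials code
    // (unknown user name or bad password).
    console.log('ERROR: ' + JSON.stringify(err));
    return;
  }
  // NOTE(review): the success branch is not shown on the page; check `auth`
  // before treating the user as logged in.
});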
When I run this Node.js script, I get the error below:
ERROR: {"lde_message":"80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580\u0000","lde_dn":null}
Safe to say, I have no idea what I am doing.
But I do know that the searchAttribute should be 'sAMAccountName' - how do I put this in the config?
I also know that when I substitute the username of 'sss' with its DN i.e.
var username = 'CN=<full name of user>,OU=InfoWorker,OU=People,DC=ads,DC=dwdwdw,DC=com';
, it authenticates perfectly.
I have successfully used userToDNMapping when enabling LDAP on MongoDB.
# Maps the login name captured by `match` to a DN: {0} is replaced by the
# captured text, and the LDAP search in `ldapQuery` is run to find the entry.
userToDNMapping: |-
[
{
match: "(.+)",
ldapQuery: "dc=ads,dc=dwdwdw,dc=com??sub?(samAccountName={0})"
}
]
But I just cannot seem to find the equivalent of it in the activedirectory package. Could you please help me with it?
I would not mind using ldapjs as well; I just haven't had much success with that either. I just want to authenticate with the username and get that user's group memberships.