如何获取我使用 ldapjs 绑定的用户的个人资料
How to get profile of user I have binded as using ldapjs
我正在使用 ldapjs 包。我正在使用这段代码,它允许我
使用 readonly
凭据绑定到 ldap 服务器并从 ou=people
.
中提取一个用户配置文件
'use strict';
// Figure 1
const ldap = require('ldapjs');
const ldapClient = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
const username = 'cn=readonly,dc=vodolaz095,dc=life';
const password = 'readonly';
ldapClient.bind(
username,
password,
function (error) {
if (error) {
throw error;
}
console.log('bind performed');
ldapClient.search('ou=people,dc=vodolaz095,dc=life', {
filter: `(uid=vodolaz095)`,
scope: 'one',
attributes: ['uid', 'dn', 'cn', 'mail']
}, function (error, res) {
if (error) {
throw error;
}
res.on('searchEntry', function (data) {
// console.log('Data found', data);
console.log('Data object', JSON.stringify(data.object, null, 2));
});
res.once('error', function(error){
throw error;
});
res.once('end', function () {
console.log('Completed');
process.exit(0)
});
});
}
);
现在,我将用户名和密码更改为受限用户的用户名和密码,我已通过 readonly
凭据提取并执行相同的代码:
// same code as in figure 1
const username = 'uid=vodolaz095,ou=people,dc=vodolaz095,dc=life';
const password = 'thisIsNotAPassword123';
// same code as in figure 1
我可以绑定到ldap服务器,没问题。但是当我尝试获取自己的个人资料时,它 returns 我 NoSuchObjectError: No Such Object error
所以,问题是:如何在 openldap
中获取我绑定的用户的个人资料?
比如,我如何制作 whoami
命令?
您可以通过使用您的 bindDN 设置 base
搜索来获取您绑定的用户的条目,并将范围设置为 base
(没有任何过滤器)。
所以如果 username
是 bindDN,这应该有效:
ldapClient.search(username, {
scope: 'base',
attributes: ['uid', 'dn', 'cn', 'mail']
}
UPD:按预期工作的完整代码示例:
'use strict';
const ldap = require('ldapjs');
const ldapClient = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
const username = 'uid=vodolaz095,ou=people,dc=vodolaz095,dc=life'
const password = 'thisIsVerySecureSecretPassword';
ldapClient.bind(
username,
password,
function (error) {
if (error) {
throw error;
}
console.log('bind performed');
ldapClient.search('uid=vodolaz095,ou=people,dc=vodolaz095,dc=life', { // notice, full id of user profile here
filter: `(uid=vodolaz095)`, // seems to be ignored, same result, if filter used or not used
scope: 'base', // important
attributes: ['uid', 'dn', 'cn', 'mail']
}, function (error, res) {
if (error) {
throw error;
}
res.on('searchEntry', function (data) {
// console.log('Data found', data);
console.log('Data object', JSON.stringify(data.object, null, 2));
});
res.once('error', function (error){
throw error;
});
res.once('end', function () {
console.log('All passed');
process.exit(0);
});
});
}
);
我正在使用 ldapjs 包。我正在使用这段代码,它允许我
使用 readonly
凭据绑定到 ldap 服务器并从 ou=people
.
'use strict';
// Figure 1
const ldap = require('ldapjs');
const ldapClient = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
const username = 'cn=readonly,dc=vodolaz095,dc=life';
const password = 'readonly';
ldapClient.bind(
username,
password,
function (error) {
if (error) {
throw error;
}
console.log('bind performed');
ldapClient.search('ou=people,dc=vodolaz095,dc=life', {
filter: `(uid=vodolaz095)`,
scope: 'one',
attributes: ['uid', 'dn', 'cn', 'mail']
}, function (error, res) {
if (error) {
throw error;
}
res.on('searchEntry', function (data) {
// console.log('Data found', data);
console.log('Data object', JSON.stringify(data.object, null, 2));
});
res.once('error', function(error){
throw error;
});
res.once('end', function () {
console.log('Completed');
process.exit(0)
});
});
}
);
现在,我将用户名和密码更改为受限用户的用户名和密码,我已通过 readonly
凭据提取并执行相同的代码:
// same code as in figure 1
const username = 'uid=vodolaz095,ou=people,dc=vodolaz095,dc=life';
const password = 'thisIsNotAPassword123';
// same code as in figure 1
我可以绑定到ldap服务器,没问题。但是当我尝试获取自己的个人资料时,它 returns 我 NoSuchObjectError: No Such Object error
所以,问题是:如何在 openldap
中获取我绑定的用户的个人资料?
比如,我如何制作 whoami
命令?
您可以通过使用您的 bindDN 设置 base
搜索来获取您绑定的用户的条目,并将范围设置为 base
(没有任何过滤器)。
所以如果 username
是 bindDN,这应该有效:
ldapClient.search(username, {
scope: 'base',
attributes: ['uid', 'dn', 'cn', 'mail']
}
UPD:按预期工作的完整代码示例:
'use strict';
const ldap = require('ldapjs');
const ldapClient = ldap.createClient({
url: 'ldap://127.0.0.1:389'
});
const username = 'uid=vodolaz095,ou=people,dc=vodolaz095,dc=life'
const password = 'thisIsVerySecureSecretPassword';
ldapClient.bind(
username,
password,
function (error) {
if (error) {
throw error;
}
console.log('bind performed');
ldapClient.search('uid=vodolaz095,ou=people,dc=vodolaz095,dc=life', { // notice, full id of user profile here
filter: `(uid=vodolaz095)`, // seems to be ignored, same result, if filter used or not used
scope: 'base', // important
attributes: ['uid', 'dn', 'cn', 'mail']
}, function (error, res) {
if (error) {
throw error;
}
res.on('searchEntry', function (data) {
// console.log('Data found', data);
console.log('Data object', JSON.stringify(data.object, null, 2));
});
res.once('error', function (error){
throw error;
});
res.once('end', function () {
console.log('All passed');
process.exit(0);
});
});
}
);