Group Lookup not working?
JannikZed opened this issue · comments
Hi there,
Amazing to find this library! LDAP is really not my field, so that helps me a lot.
I'm going with this settings:
const LDAPoptions = {
ldapOpts: {
url: url,
// tlsOptions: { rejectUnauthorized: false }
},
adminDn: ldapAdminUsername,
adminPassword: ldapAdminPassword,
userPassword: credentials.password,
userSearchBase: baseDn,
usernameAttribute: ldapIdField,
username: credentials.username,
groupsSearchBase: ldapGroupsSearchBase,
groupClass: ldapGroupObjectClass
}
Login works fine - I just expected to get the corresponding groups of a user in the returning user object. But nothing is there. Also I think I can't see another find operation.
Am I doing or understanding something wrong?
ah ok, seems like this feature is just not yet included in my version 2.2.1 that got installed from npm.. is it possible to get a new release soon? Could really use the library in an active project right now.
Just published 2.2.4. Give it a try!
nice! One question / improvement. Right now the group lookup is done with the user binding - not admin binding. In my testing setup, everything works fine, but in a production ldap that we were testing it, it did not work out, as users are not allowed to search there - just admins. Do you think we could improve this feature and use the admin LDAP account for searching, when available and otherwise fallback to user search?
I am open to suggestions, but the purpose of this tool is to authenticate a user. For other purpose, why not directly use ldapjs?