LDAPjs find entry knowing cn

Question

I have a remote LDAP server with entries like this:

CN=Fred Foobar, OU=Dept1, O=FooBar

Using LDAPjs as a client, how do I find this entry when only the CN is known at runtime?

I have tried each of the following, with no success:

ldap.search("cn=Fred Foobar", {}, callback); // returns an error
ldap.search("", {filter: "(cn=Fred Foobar)"}, callback); // returns nothing useful
ldap.search("", {filter: "(cn=Fred Foobar)", scope: "sub"}, callback); // returns an error

score 0 · Accepted Answer · answered Jun 01 '17 at 06:59

0

I never used ldapjs, but from the documentation I would try :

ldap.search("O=FooBar", {scope:"sub", filter:"(cn=Fred Foobar)"},function(err, res) {
  // Code to handle the result
});

See doc : http://ldapjs.org/client.html#search

answered Jun 01 '17 at 06:59

Esteban

1,752
1
8
17

At runtime, however, I only have the user's CN, not the rest of the DN. – user1207177 Jun 01 '17 at 10:29
Also, the `function(err, result) { /* code to handle result */ }` is covered by the reference to `callback`. – user1207177 Jun 01 '17 at 10:30
@user1207177 Here also I do not have the user dn, what I put as the First parameter is the baseDN of the directory, which is the root dn which is common to all the entries in the directory. I assumed the value from your example. If you know a sub dn where all the users are stored, put this one, it will limit the search to only this subtree – Esteban Jun 01 '17 at 11:13
How do I handle it if I don't, at run-time, have any part of the DN except the CN, including the suffix? For all I know (at run time), he could be in O=Baz instead. – user1207177 Jun 06 '17 at 18:50
1

LDAP data are structured as a `TREE`, which possesses a `ROOT` common to all the entries. If you do not know this `rootdn` it is the same as requesting a RDBM without knowing in which `database` your data are stored. If the directory possesses multiple databases, then you can either 1) request each rootdn, 2) implement referrals in the directory and follow them on your client, 3) if your directory exposes it, request the (empty) basedn to have access to all the rootdn the directory handles (on openldap `ldapsearch -b "" -s base \* +` you will find them in the `namingContexts` attributes) – Esteban Jun 12 '17 at 12:53

LDAPjs find entry knowing cn

1 Answers1