0

I have an issue similar to Ldapsearch to ldapjs conversion, except for I think I already use the scope correctly.

My code is like this:

            const ldap = require('ldapjs');
            var client = ldap.createClient({
                url: 'ldap://70.70.70.70:389',
                log,
            });
            client.bind('CN=vagrant,CN=Users,DC=perficientads,DC=com' /*'vagrant@perficientads.com'*/, 'vagrant', function(err) {
                if (err) {
                    return console.log('Error:', err);
                }
                client.search('DC=perficientads,DC=com',
                    {
                        //filter:'(&(|(objectClass=user)(objectClass=person))(!(objectClass=computer))(!(objectClass=group))(cn=*vagrant*))',
                        filter: '(sAMAccountName=vagrant)',
                        //filter: '(&(|(objectClass=user)(objectClass=person))(!(objectClass=computer))(!(objectClass=group)))',
                        attributes: [
                            'dn', 'sn', 'cn',
                            "mail",
                        ],
                        scope: 'sub',
                    },
                    function(err, res) {
                        res.on('searchEntry', function(entry) {
                            console.log('entry: ' + JSON.stringify(entry.object));
                            resolve(null);
                        });
                        res.on('searchReference', function(referral) {
                            console.log('referral: ' + referral.uris.join());
                            resolve(null);
                        });
                        res.on('error', function(err) {
                            console.error('error: ' + err.message);
                            resolve(null);

                        });
                        res.on('end', function(result) {
                            console.log('result status: ' + JSON.stringify(result));
                            resolve(null);
                        });
                    }
                );
            });

        });

The whole ldapjs debug log is accessible at https://gist.github.com/davidpodhola/b8c851ca3e7c4cf0c66d8981cd250028#file-log-txt-L25; the most important part is that it contains lines like 

{"name":"oecsc-rental","hostname":"PerficientAD","pid":4992,"clazz":"Client","level":10,"msg":"Parsing done: {\"messageID\":2,\"protocolOp\":\"SearchEntry\",\"objectName\":\"CN=vagrant,CN=Users,DC=perficientads,DC=com\",\"attributes\":[{\"type\":\"cn\",\"vals\":[\"vagrant\"]}],\"controls\":[]}","time":"2019-10-03T12:41:07.524Z","v":0}
{"name":"oecsc-rental","hostname":"PerficientAD","pid":4992,"clazz":"Client","ldap_id":"1__ldap://70.70.70.70:389","level":10,"msg":"response received","time":"2019-10-03T12:41:07.524Z","v":0}

which I believe mean SearchEntry should be returned.

Performing the same search with ldapsearch like 

ldapsearch -H ldap://70.70.70.70:389 -x -W -D "vagrant@perficientads.com" -b "DC=perficientads,DC=com" "(sAMAccountName=vagrant)" "mail"

work correctly.

The issue is the 'end' event is fired immediately and no searchEntry is fired.

I think I have overlooked something very simple. Please help, thanks!

davidpodhola
  • 1,030
  • 10
  • 17
  • Does the ldapsearch cmd works also using the dn of the manager account ? Or why not using the userPrincipalName in ldapjs ? Also the call to `client.search()` should occur *after* the binding, and you should reserve the `client.bind()` callback for logging error/info messages relative to the bind event itself. Not sure if it has to do with your issue. If not, what do you got without any filter ? – EricLavault Oct 03 '19 at 16:08
  • Thanks for your suggestions. I also tried the code with `vagrant` as the user name and also moving `client.search()` after `client.bind()`, but it did not help. Please note the underlying log seems to show the data are returned, but not processed for some reason. Without any filter it works the same, just the log has all the Active Directory objects. – davidpodhola Oct 04 '19 at 08:18
  • I'd try to add error logging at the very beginning of the `client.search()` callback (before registering the event handlers) to see if it says something : `function(err, res) { assert.ifError(err); }` , see https://www.npmjs.com/package/assert – EricLavault Oct 04 '19 at 09:40

0 Answers0