npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@baitic/ad

v1.0.1

Published

Active Directory API for Node

Downloads

9

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jhereujhereusegarcialosegarcialo

Keywords

activedirectoryldapauthenticationapiadaddictmicrosoftwindowseasychainable

Readme

@baitic/ad

Fork of dthree's ad package with some minor changes:

  • ad.username(user).get(filter) now gets all fetched attributes by ldapjs.
  • Some method calls are corrected from README.md.
  • Attribute telephone is no longer ignored by ad.user().add(options).
  • Credential attributes for connection are now username and password.

AD is a Javascript implementation of common Active Directory tasks, built to be simple as possible.

You can use async / await:

(async () => {
	try {

		await ad.user().add({
			userName: 'jsmith'
			firstName: 'John',
			lastName: 'Smith',
			location: '/Users/Sales',
			password: 'J@vascr!pt1'
		});
		await ad.group().add('Sales');
		await ad.user('jsmith').addToGroup('Sales');

	} catch(err) {
		// ...
	}
})();

Or stick with promises:

ad.user('agnes').password('d0ntForgetThisTime')\
	.then(() => ad.user('crook').disable())
	.then(() => ad.user('larry').move('Dungeon'))
	.catch((err) => {
		// ...
	});

Features

  • Robust user, group and ou manipulation methods
  • High and low-level search methods
  • Caching by default
  • Fancy result filtering including column and value filtering, sorting and pagination
  • Companion drop-in REST API

Getting Started

First, install the library:

npm install --save @baitic/ad
yarn add @baitic/ad

Then add this to index.js:

const AD = require('@baitic/ad');

// Your AD account should be a member
// of the Administrators group.
const ad = new AD({
    url: 'ldaps://127.0.0.1',
    username: '[email protected]',
    password: 'howinsecure'
});

ad.user()
    .get()
    .then(users => {
        console.log('Your users:', users);
    })
    .catch(err => {
        console.log('Error getting users:', err);
    });

Now run the file:

node index.js

And you're off to the races.

API

ad.user().get(filter);
ad.user().add(options);
ad.user(username).get(filter);
ad.user(userName).exists();
ad.user(userName).addToGroup(groupName);
ad.user(userName).removeFromGroup(groupName);
ad.user(userName).isMemberOf(groupName);
ad.user(userName).authenticate(password);
ad.user(userName).password(password);
ad.user(userName).passwordNeverExpires();
ad.user(userName).passwordExpires();
ad.user(userName).enable();
ad.user(userName).disable();
ad.user(userName).move(location);
ad.user(userName).unlock();
ad.user(userName).remove();
ad.user(userName).location();

ad.group().get(filter);
ad.group().add(options);
ad.group(groupName).get(filter);
ad.group(groupName).exists();
ad.group(groupName).addUser(userName);
ad.group(groupName).removeUser(userName);
ad.group(groupName).remove();

ad.ou().get(filter);
ad.ou().add(options);
ad.ou(ouName).get();
ad.ou(ouName).exists();
ad.ou(ouName).remove();

ad.other().get(filter);
ad.all().get(filter);
ad.find(searchString);

ad.cache(boolean);
ad.cacheTimeout(millis);

User Methods

ad.user().get(filter)

Returns all user objects.

await ad.user().get({ fields: 'sAMAccountName' });
// => ['jsmith', 'dthree', 'qix'];

ad.user().add(options)

Creates a new user. Returns the created user object.

Options:
  • userName: String (required)
  • password: String (required)
  • commonName: String (required)
  • firstName: String
  • lastName: String
  • email: String
  • telephone: String
  • title: String
  • location: String

If not specified, the first and last name will be based on the commonName.

await ad.user().add({
	userName: 'jsmith'
	commonName: 'John Smith',
	password: 'J@vascr!pt1'
});
// => {sAMAccountName: 'jsmith' ... }

ad.user(userName).get(filter)

Returns a user object. If no user is matched, returns undefined.

await ad.user('jsmith').get();
// => {sAMAccountName: 'jsmith', email: '[email protected]' ... }

ad.user(userName).exists()

Returns a Boolean of whether the user account matched.

await ad.user('lochness').exists();
// => false

ad.user(userName).addToGroup(groupName)

Adds a user to a security group.

await ad.user('jsmith').addToGroup('Sales');
// => {success: true}

ad.user(userName).removeFromGroup(groupName)

Removes a user from a security group.

await ad.user('jsmith').removeFromGroup('Sales');
// => {success: true}

ad.user(userName).isMemberOf(groupName)

Returns a Boolean based on whether the user is a member of a group.

await ad.user('jsmith').isMemberOf('Sales');
// => true

ad.user(userName).authenticate(password)

Attempts to authenticate a user with a given password. Returns Boolean.

await ad.user('jsmith').authenticate('J@vascript1#!');
// => true

ad.user(userName).password(password)

Sets a user's password.

await ad.user('jsmith').password('Wh-m@ksp@ssw-rdslIkethis');
// => true

ad.user(userName).passwordNeverExpires()

Sets a user's to never expire.

await ad.user('jsmith').passwordNeverExpires();
// => {success: true}

ad.user(userName).passwordExpires()

Unchecks the "Password never expires" box.

await ad.user('jsmith').passwordExpires();
// => {success: true}

ad.user(userName).enable()

Enables a user.

await ad.user('jsmith').enable();
// => {success: true}

ad.user(userName).disable()

Disables a user.

await ad.user('jsmith').disable();
// => {success: true}

ad.user(userName).unlock()

Unlocks a user who has been locked out by repeated failed login attempts.

await ad.user('jsmith').unlock();
// => {success: true}

ad.user(userName).lock()

Just kidding. You can't lock an account. Try disabling it instead.

await ad.user('jsmith').disable();
// => {success: true}

ad.user(userName).move(location)

Moves a user to another directory, starting from the root of the domain.

await ad.user('jsmith').move('Users/HR');
// => {success: true}

This is the equivalent of acme.co => Users (OU) => HR (OU). The new Distinguished Name (DN) would become CN=John Smith,OU=HR,OU=Users,DC=acme,DC=co.

To specify a folder that is not an Organizational Unit, prefix it with !:

await ad.user('admin').move('!Builtin');
// => {success: true}

ad.user(userName).location()

Returns a user's relative location, separated by /es.

await ad.user('jsmith').location();
// => 'Users/HR'

ad.user(userName).remove()

Deletes a user. Are you sure you want to do this?

await ad.user('jsmith').remove();
// => {success: true}

Group Methods

ad.group().get(filter)

Returns all group objects.

await ad.group().get();
// => [{ ... }, { ... }];

ad.group().add(options)

Creates a new group. Returns the created group object.

Options:
  • name: String (required)
  • location: String
  • description: String
await ad.group().add({
	name: 'HR'
	location: '!Builtin',
	description: 'Human Resources users.'
});
// => {sAMAccountName: 'HR' ... }

ad.group(groupName).get(filter)

Returns a group object. If no group is matched, returns undefined.

await ad.group('HR').get();
// => {sAMAccountName: 'HR', description: 'Human...' ... }

ad.group(groupName).exists()

Returns a Boolean of whether the group account matched.

await ad.group('Beastie Boys').exists();
// => false

ad.group(groupName).addUser(groupName)

Adds a user to a group.

await ad.group('HR').addUser('bjones');
// => {success: true}

ad.group(groupName).removeUser(groupName)

Removes a user from a group.

await ad.group('HR').removeUser('bjones');
// => {success: true}

ad.group(groupName).remove()

Deletes a group.

await ad.group('HR').remove();
// => {success: true}

Organizational Unit (OU) Methods

ad.ou().get(filter)

Returns all ou objects.

await ad.ou().get();
// => [{ ... }, { ... }];

ad.ou().add(options)

Creates a new Organizational Unit. Returns the created OU object.

Options:
  • name: String (required)
  • location: String
  • description: String
await ad.ou().add({
	name: 'Sales'
	location: 'Users'
	description: 'Sales Users.'
});
// => {ou: 'Sales' ... }

ad.ou(ouName).get(filter)

Returns an OU object. If no OU is matched, returns undefined.

await ad.ou('Sales').get();
// => {ou: 'Sales', description: 'Sales...' ... }

ad.ou(ouName).exists()

Returns a Boolean of whether the OU exists.

await ad.ou('Sales').exists();
// => true

ad.user(userName).remove()

Deletes an Organizational Unit. As a note, if it has any children, this will not work.

await ad.ou('Sales').remove();
// => {success: true}

Other methods

ad.other().get(filter)

Returns all objects that are not users or groups.

await ad.other().get();
// => [{ ... }, { ... }];

ad.all().get(filter)

Returns all objects in the Active Directory instance, grouping by users, groups and other.

await ad.other().get();
// => [users: [...], groups: [...], other: [...]];

ad.find(searchString)

Returns a raw search of the entire Active Directory.

await ad.search('CN=Da*');
// => [{...}, {...}];

Caching

ad.cache(boolean)

Enables or disables caching. Defaults to true.

ad.cache(false);

ad.cacheTimeout(millis)

Sets the amount of milliseconds before a cached item expires. Defaults to ten minutes. Chainable to ad.cache.

ad.cache(true).cacheTimeout(60000);

Why?

Active Directory / LDAP can be hard. Some of us are stuck with it.

Should you really have to know that cn stands for Common Name (or was it Canonical) in order to use it? Or that sn is a surname*? I dislike systems that require detailed knowledge of their dirty laundry to do anything with them.

So this was a selfish project, really.

Made with <3 by dthree.

License

MIT