node-ldapjs icon indicating copy to clipboard operation
node-ldapjs copied to clipboard

Published 20 hours ago verified publisher icon ldapjs

How to define which object attributes are returned in a search

Open arekkusu opened this issue 7 years ago • 1 comments

I've got some simple code to answer LDAP search query for the rootDSE. Normally all attribute under the rootDSE are operational attribute and I want to have a behavior similar to a real LDAP server.

Specifically, I want to implement returning all attributes when search query for attribute "+" (rfc3673) My issue is that I don't understand how I can use ldapjs to archive this. Following does not work as the return object is filtered to only the attribute matching "+" which mean nothing. I imagine there must be a way to explicatively define what is returned.

Any help is very much appreciated.

...
else if (req.attributes.toString() === '+') {
    // Want to send all attributes
    res.send(rootDSEobj)
  } 
...

Full example code:


// Search handler for rootDSE
proxy.search('', function (req, res, next) {

  // rootDSE response
  var rootDSEobj = {
    dn: req.dn.toString(),
    attributes: {
      objectClass: ['top', 'LDAPJSrootDSE'],
      structuralObjectClass: 'LDAPJSrootDSE',
      namingContexts: 'o=example.org',
      supportedLDAPVersion: '3'
    }
  }

  // rootDSE minimal response with only objectClass
  var rootDSEobjMin = {
    dn: req.dn.toString(),
    attributes: {
      objectClass: ['top', 'LDAPJSrootDSE']
    }
  }

  // rootDSE search require base scope
  if (req.scope !== 'base') {
    return next(new ldap.NoSuchObjectError())
  }

  // For empty filter emulate operational attributes (minimal response)
  if (req.attributes.toString() === '') {
    res.send(rootDSEobjMin)
  } else if (req.attributes.toString() === '+') {
    // Want to send all attributes
    res.send(rootDSEobj)
  } else if (req.filter.matches(rootDSEobj.attributes)) {
    const request = 'attr= ' + req.attributes.toString() + ' filter= ' + req.filter.toString()
    res.send(rootDSEobj)
  }
  res.end()
  return next()
})

arekkusu avatar Sep 29 '17 10:09 arekkusu

I suspect this is just not an implemented feature of the server portion of ldapjs. A PR is welcome.

jsumners avatar Aug 26 '19 17:08 jsumners

👋

On February 22, 2023, we released version 3 of this library. As a result, we are closing this issue/pull request.

Please see issue #839 for more information, including how to proceed if you feel this closure is in error.

jsumners avatar Feb 22 '23 19:02 jsumners