node-ldapjs icon indicating copy to clipboard operation
node-ldapjs copied to clipboard

Published 20 hours ago verified publisher icon ldapjs

Accentued characters and some currency characters can't be use with the password field (unicodePwd )

Open rekscy opened this issue 4 years ago • 3 comments

Hi guys,

i'm trying to use accentueted characters in the password field. It seem's to me that accentuated characters like "éàäü and some currency characters € and £ aren't sent currectly to the active directory (2016) user password.

My code look's like follow

  static encodePassword(password: string) {
    return Buffer.from(`"${password}"`, "utf16le").toString();
  }

    changes.push(
      new Change({
        operation: "replace",
        modification: {
          unicodePwd: LdapUtils.encodePassword(newPassword)
        }
      })
    );

I have tried to use 2 different active directories, and update the project to the last version (2.1.1)

When i reset the user password directly from the active directory, i can use the characters mentionated above successfully. But every time i tried to set a new password from my app(node js code), it doenst work. If i try any password without this characters it work's fine from the app and the active directory.

When it fails any error is reported in the nodejs terminal, every thing seem's to work fine, the only difference is that the final user can't log in anymore. (code 52e)

I have tried too different versions of the encode method (wich none seem's to work)

const iconv   = require('iconv-lite');

...

  static encodePassword(password: string) {
       return  iconv.encode(`"${password}"`, "utf16le")
  }

  static encodePassword(password: string) {
  let convertedPassword = '';
  passwordString = '"' + password + '"';

  for (let i = 0; i < passwordString.length; i++) {
    convertedPassword += String.fromCharCode(
      passwordString.charCodeAt(i) & 0xff,
      (passwordString.charCodeAt(i) >>> 8) & 0xff
    )
  }

  return convertedPassword;
  }

I have found someone with the same kind of problem, it seem's too me to me that the same kind of thing is happeninng here, maybe it gives an idea to someone. https://github.com/dapphp/radius/issues/5#issuecomment-489633178

I'm not sure if it's an issue with ldapjs, but i dont really know what i can try more, maybe someone can tell me if he can modify user passwords using ldapjs and confirm if it's or not an ldapjs issue?

Thank you in advance for any help and have a good day

rekscy avatar Sep 11 '20 12:09 rekscy

Hi, nobody have an idea about this issue ?

rekscy avatar Sep 28 '20 07:09 rekscy

Unfortunately, no. I do not have access to an AD server. If you can provide a reproduction within our integration test suite, that would be helpful. And if you can provide a fix, we'd certainly love to review it and get it integrated.

jsumners avatar Sep 28 '20 11:09 jsumners

Hi, also having this issue. Have you tried base64 encoding ?

gabssnake avatar Nov 30 '21 08:11 gabssnake

👋

On February 22, 2023, we released version 3 of this library. As a result, we are closing this issue/pull request.

Please see issue #839 for more information, including how to proceed if you feel this closure is in error.

jsumners avatar Feb 22 '23 19:02 jsumners