Closed WillieOng-HK closed 3 years ago
Are the users allowed to log onto the ldap server (in my case the domain controller)? See my issue: https://github.com/vesse/passport-ldapauth/issues/92
It appears that the only way to authenticate by ldap is giving the users permission to log on to the server. It appears that this library impersonates the user and tries to log on as a way to verify the credentials.
In the stack overflow response appears to be the key: https://stackoverflow.com/questions/21439030/passport-active-directory-node-js/30611120#30611120
Use the DN of the search result, together with user provided password, and bind against the LDAP server. This verifies the password.
Not much I can do about that as the LDAP connection is handled by ldapjs
. They had released a new major version which I've taken into use in version 3.0.0
. Maybe retry with the latest version.
Problem Description
I got Unauthorized message but ldapsearch work, the testing LDAP server is Windows server 2012
I can get
ldapsearch -x -H ldap://192.168.168.145:389 -b DC=abc,DC=local -D CN=Administrator,CN=Users,DC=abc,DC=local -w Abcd1234!
Steps to Reproduce
but when I try to use passport-ldap
got error message