This repository has been archived by the owner on May 14, 2024. It is now read-only.

password policy control and detailed error message #186

Closed
thelliez opened this issue May 14, 2014 · 3 comments

@thelliez

Hello,
I am using a ppolicy setup and I am trying to get more information out of a client.bind operation.

For example I get the same error msg for a wrong password, an expired account or a locked account:
"Error: InvalidCredentialsError: Invalid Credentials"

With ldappasswd, I can use the '-e ppolicy' option to return more detailed information.
"ldap_bind: Invalid credentials (49); Password expired"

Is there a way to get more info with ldapjs?

Thanks,
Thierry

@thelliez
Author

OK, I have a prototype working, but that's not trivial. Unless I am mistaken, LDAPJS is not supporting Controls with Responses such as http://tools.ietf.org/html/draft-behera-ldap-password-policy-10

In the Perl world they have it implemented and I took it as example:
http://search.cpan.org/~marschap/perl-ldap-0.62/lib/Net/LDAP/Control/PasswordPolicy.pm

The problem I found is that if I pass a control, then the Parser.write creates a new instance of that control (getControl call in lib/messages/messages.js). I have not yet found a way to avoid this re-instantiation for keeping the initial Control instance like in the Perl code. Since that new control instance is not passed back to the client bind call, I could not extract the detailed message.

A less elegant solution was to pass back the actual LDAPMessage to the bind callback function. The message contains the newly instantiated controls. The msg parameter was just added in the _done function in lib/client/client.js

The calling code looks like:
```javascript
var pCtrl = new ldap.PasswordPolicyControl();
client.bind(ldapRes.dn, password, pCtrl, function (err, msg) {
  // msg is the LDAPMessage passed back by the modified _done function
  var responseCtrl = msg.getControlFromType(pCtrl.type);
  if (err) {
    console.log('Error: ' + err); // InvalidCredentialsError: Invalid Credentials
    console.log('pError: ' + responseCtrl.value.error); // passwordExpired
  }
});
```

My code is not ready for public consumption and maybe I missed something? I will try to clean it and post back.

Thierry
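
What the response control discussed above carries on the wire, as an added example that is not part of the original thread or of ldapjs: a decoder for the control value defined in the linked draft (response control OID 1.3.6.1.4.1.42.2.27.8.5.1). The function and constant names are hypothetical, and it assumes the value arrives as a Node.js Buffer.

```javascript
// Added example (hypothetical names): decode a password policy response
// control value per draft-behera-ldap-password-policy-10.
const PPOLICY_RESPONSE_OID = '1.3.6.1.4.1.42.2.27.8.5.1'; // match on control.type
const PP_ERRORS = ['passwordExpired', 'accountLocked', 'changeAfterReset',
  'passwordModNotAllowed', 'mustSupplyOldPassword',
  'insufficientPasswordQuality', 'passwordTooShort', 'passwordTooYoung',
  'passwordInHistory'];

// Read one BER TLV at offset; handles short and long definite lengths.
function readTlv(buf, off) {
  if (off + 2 > buf.length) throw new Error('truncated TLV header');
  const tag = buf[off];
  let len = buf[off + 1];
  let start = off + 2;
  if (len & 0x80) {
    const n = len & 0x7f;
    if (n === 0 || n > 4 || start + n > buf.length) throw new Error('bad length');
    len = buf.readUIntBE(start, n);
    start += n;
  }
  if (start + len > buf.length) throw new Error('truncated TLV value');
  return { tag, value: buf.subarray(start, start + len), next: start + len };
}

function readInt(v) {
  if (v.length < 1 || v.length > 4) throw new Error('bad integer');
  return v.readIntBE(0, v.length);
}

// SEQUENCE { warning [0] CHOICE {...} OPTIONAL, error [1] ENUMERATED OPTIONAL }
function decodePasswordPolicyResponse(value) {
  const out = { timeBeforeExpiration: null, graceAuthNsRemaining: null, error: null };
  const seq = readTlv(value, 0);
  if (seq.tag !== 0x30) throw new Error('expected SEQUENCE');
  for (let off = 0; off < seq.value.length;) {
    const el = readTlv(seq.value, off);
    off = el.next;
    if (el.tag === 0xa0) { // warning: explicitly tagged CHOICE
      const w = readTlv(el.value, 0);
      if (w.tag === 0x80) out.timeBeforeExpiration = readInt(w.value);
      else if (w.tag === 0x81) out.graceAuthNsRemaining = readInt(w.value);
    } else if (el.tag === 0x81) { // error: implicitly tagged ENUMERATED
      const code = readInt(el.value);
      out.error = PP_ERRORS[code] || 'unknown(' + code + ')';
    }
  }
  return out;
}
```

With the constructed bytes `30 03 81 01 00` the decoder returns `passwordExpired`, and with `30 03 81 01 01` it returns `accountLocked`, the distinction that the plain result code 49 hides.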

@pfmooney
Contributor

It is likely that it will require some restructuring of how the client handles events to enable this functionality. I'll look into it as time permits.

@pfmooney pfmooney added this to the 0.8.0 milestone May 24, 2014
@pfmooney pfmooney self-assigned this May 24, 2014
@pfmooney pfmooney modified the milestones: 0.8.0, 1.1.0 Oct 23, 2015
@jsumners
Member

👋

On February 22, 2023, we released version 3 of this library. As a result, we are closing this issue/pull request.

Please see issue #839 for more information, including how to proceed if you feel this closure is in error.

@ldapjs ldapjs locked as resolved and limited conversation to collaborators Feb 22, 2023