ActiveDirectory for Node-RED
node-red-contrib-activedirectory is a Node-RED nodes collection for Microsoft Active Directory. It is based on the activedirectory2 ldapjs client for auth (authentication) and authZ (authorization) for Microsoft Active Directory (documentation here).
If you want to contribute in order to add brand new features and/or nodes, do not hesitate to join and submit your merge requests!
A config
node holds the connection parameters now.
Please, redeploy your active directory
nodes.
Getting started
- Install Node-RED (more):
sudo npm install -g node-red
- Go to your node-RED conf directory (basically
~/.node-red
)
npm install node-red-contrib-activedirectory
- There you go! You can run Node-RED with:
node-red
Documentation
Connection
Every node requires LDAP configuration/credentials (configured in the config-node) to create an instance of the client configured according to the following options:
-
url
{string}: Active Directory server to connect to, e.g.ldap://ad.example.com
. -
username
{string}: An account name capable of performing the operations desired. -
password
{string}: Password for the givenusername
.
The configuration for the baseDN has to be configured seperately for each node.
-
baseDN
{string}: The root DN from which all searches will be performed, e.g.dc=example,dc=com
.
findUser
Connects to a Microsoft Active Directory and returns the user corresponding to the username/DN set in msg.payload
.
Inputs
-
msg.payload
{string}: the AD username of the user we want to get information. It also works with DN. -
msg.ad_attributes
{JSON Object}: the attributes we want to return for users and groups. By default:
{
"user": [
"dn", "distinguishedName",
"userPrincipalName", "sAMAccountName", "mail",
"lockoutTime", "whenCreated", "pwdLastSet", "userAccountControl",
"employeeID", "sn", "givenName", "initials", "cn", "displayName",
"comment", "description", "url"
],
"group": [
"dn", "cn", "description", "distinguishedName", "objectCategory"
]
}
-
msg.tlsOptions
{JSON Object}: (Optional) Additional options passed to TLS connection layer when connecting via ldaps://. (See: TLS docs for node.js).
Outputs
-
msg.payload
{JSON Object}: the standard output of the command, a JSON object that contains all the information about the user.
findGroup
Connects to a Microsoft Active Directory and returns the group corresponding to the groupname/DN set in msg.payload
.
Inputs
-
msg.payload
{string}: the AD groupname of the group we want to get information. It also works with DN. -
msg.ad_attributes
{JSON Object}: the attributes we want to return for users and groups. By default:
{
"user": [
"dn", "distinguishedName",
"userPrincipalName", "sAMAccountName", "mail",
"lockoutTime", "whenCreated", "pwdLastSet", "userAccountControl",
"employeeID", "sn", "givenName", "initials", "cn", "displayName",
"comment", "description", "url"
],
"group": [
"dn", "cn", "description", "distinguishedName", "objectCategory"
]
}
-
msg.tlsOptions
{JSON Object}: (Optional) Additional options passed to TLS connection layer when connecting via ldaps://. (See: TLS docs for node.js).
Outputs
-
msg.payload
{JSON Object}: the standard output of the command, a JSON object that contains all the information about the group.
query
Connects to a Microsoft Active Directory and returns the result of the AD query input set in msg.payload
.
Inputs
-
msg.payload
{string}: an LDAP query (more information: AD Search FilterSyntax). -
msg.ad_attributes
{JSON Object}: the attributes we want to return for users and groups. By default:
{
"user": [
"dn", "distinguishedName",
"userPrincipalName", "sAMAccountName", "mail",
"lockoutTime", "whenCreated", "pwdLastSet", "userAccountControl",
"employeeID", "sn", "givenName", "initials", "cn", "displayName",
"comment", "description", "url"
],
"group": [
"dn", "cn", "description", "distinguishedName", "objectCategory"
]
}
-
msg.tlsOptions
{JSON Object}: (Optional) Additional options passed to TLS connection layer when connecting via ldaps://. (See: TLS docs for node.js).
Outputs
-
msg.payload
{JSON Object}: the standard output of the command, a JSON object that contains result of the AD query input.