Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

DC connection remains active on InvalidCredentialsError

See original GitHub issue

Hi, I’m triyng to catch all the possible errors for my AD LDAP query. If I put an invalid or inaccessible url or basedn the library correctly calls my callback with a non-null err parameter. When I issue a bad username or password for binding, the library retries the bind another time than hangs because the connection with the DC remains active.

This is the code I’m using for my query:

var ActiveDirectory = require('activedirectory');
var ad = new ActiveDirectory({
        url: '...',
        baseDN: '...',
        username: '...',
        password: 'wrongpassword',
});
ad.find('(mobile=...)', function(err, user) {
       if(err) {
                console.log(JSON.stringify(err));

                return;
        }

        if(!user) {
                console.log('user not found');
                return;
        }

        console.log("User of ... found: " + user.users[0].displayName);

});

And this is the results (after this output node doesn’t exit like it does on the other Ldap errors):

{"dn":"","code":49,"name":"InvalidCredentialsError","message":"80090308: LdapErr: DSID-0C0903CF, comment: AcceptSecurityContext error, data 52e, v2580\u0000"}
{"dn":"","code":49,"name":"InvalidCredentialsError","message":"80090308: LdapErr: DSID-0C0903CF, comment: AcceptSecurityContext error, data 52e, v2580\u0000"}

I’ve used wtfnode to show the hanging connection:

[WTF Node?] open handles:
- Sockets:
  - undefined:undefined -> undefined:undefined
    - Listeners:
  - undefined:undefined -> undefined:undefined
    - Listeners:
  - (MY IP):57795 -> (DC IP):389

Many thanks for your work.

Issue Analytics

State:
Created 8 years ago
Comments:9 (2 by maintainers)

Top GitHub Comments

1reaction

pbateycommented, Nov 22, 2016

I’ve filed a pull-request against ldapjs to address this issue: https://github.com/mcavage/node-ldapjs/pull/405

0reactions

denis-peshkovcommented, Feb 27, 2018

Guys, I have the same issue, so merge it please asap.

Top Results From Across the Web

Unable to bind or log into LDAP using specific credentials

I removed both from the denied policies, and now my personal domain account is fine, but the Administrator account is still having issues....

Microsoft Active Directory Authenticate with Centos

I'm having trouble trying to understand how I can authenticate a user without having to explicitly enter the administrator's credentials. I have successfully ......

Unable to authenticate using Apache and authnz_mod_ldap ...

I have a problem with Apache2 authentication using authnz_ldap_module in order to authenticate users from Active Directory ...

ECS: How to set up an AD or LDAP server connection in the UI

Active Directory (AD) authentication or Lightweight Directory Access Protocol (LDAP) authentication: Used to authenticate domain users that ...

Tagged with joining PSC with AD - Techbrainblog

Active Directory authentication or joining a domain is slow ... But still we noticed the VC is connecting to the problematic DC and...