question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

DC connection remains active on InvalidCredentialsError

See original GitHub issue

Hi, I’m triyng to catch all the possible errors for my AD LDAP query. If I put an invalid or inaccessible url or basedn the library correctly calls my callback with a non-null err parameter. When I issue a bad username or password for binding, the library retries the bind another time than hangs because the connection with the DC remains active.

This is the code I’m using for my query:

var ActiveDirectory = require('activedirectory');
var ad = new ActiveDirectory({
        url: '...',
        baseDN: '...',
        username: '...',
        password: 'wrongpassword',
});
ad.find('(mobile=...)', function(err, user) {
       if(err) {
                console.log(JSON.stringify(err));

                return;
        }

        if(!user) {
                console.log('user not found');
                return;
        }

        console.log("User of ... found: " + user.users[0].displayName);

});

And this is the results (after this output node doesn’t exit like it does on the other Ldap errors):

{"dn":"","code":49,"name":"InvalidCredentialsError","message":"80090308: LdapErr: DSID-0C0903CF, comment: AcceptSecurityContext error, data 52e, v2580\u0000"}
{"dn":"","code":49,"name":"InvalidCredentialsError","message":"80090308: LdapErr: DSID-0C0903CF, comment: AcceptSecurityContext error, data 52e, v2580\u0000"}

I’ve used wtfnode to show the hanging connection:

[WTF Node?] open handles:
- Sockets:
  - undefined:undefined -> undefined:undefined
    - Listeners:
  - undefined:undefined -> undefined:undefined
    - Listeners:
  - (MY IP):57795 -> (DC IP):389

Many thanks for your work.

Issue Analytics

  • State:open
  • Created 8 years ago
  • Comments:9 (2 by maintainers)

github_iconTop GitHub Comments

1reaction
pbateycommented, Nov 22, 2016

I’ve filed a pull-request against ldapjs to address this issue: https://github.com/mcavage/node-ldapjs/pull/405

0reactions
denis-peshkovcommented, Feb 27, 2018

Guys, I have the same issue, so merge it please asap.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Unable to bind or log into LDAP using specific credentials
I removed both from the denied policies, and now my personal domain account is fine, but the Administrator account is still having issues....
Read more >
Microsoft Active Directory Authenticate with Centos
I'm having trouble trying to understand how I can authenticate a user without having to explicitly enter the administrator's credentials. I have successfully ......
Read more >
Unable to authenticate using Apache and authnz_mod_ldap ...
I have a problem with Apache2 authentication using authnz_ldap_module in order to authenticate users from Active Directory ...
Read more >
ECS: How to set up an AD or LDAP server connection in the UI
Active Directory (AD) authentication or Lightweight Directory Access Protocol (LDAP) authentication: Used to authenticate domain users that ...
Read more >
Tagged with joining PSC with AD - Techbrainblog
Active Directory authentication or joining a domain is slow ... But still we noticed the VC is connecting to the problematic DC and...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found