1 | 'use strict'
|
2 | const ldap = require('ldapjs')
|
3 | const ldapChanges = require('./changes')
|
4 | const utils = require('./utils')
|
5 |
|
6 | function resetPassword ({adminDn, adminPassword, newPassword, userDn, upn, username, email}) {
|
7 | return new Promise((resolve, reject) => {
|
8 |
|
9 |
|
10 | if (
|
11 | (!userDn || userDn === '') &&
|
12 | (!upn || upn === '') &&
|
13 | (!username || username === '') &&
|
14 | (!email || email === '')
|
15 | ) {
|
16 |
|
17 | return reject('userDn, upn, username, or email is required')
|
18 | }
|
19 |
|
20 | if (!newPassword || newPassword === '') {
|
21 |
|
22 | return reject('newPassword is required')
|
23 | }
|
24 |
|
25 | const client = this.getClient()
|
26 |
|
27 | client.bind(adminDn, adminPassword, async (err) => {
|
28 |
|
29 | if (err) {
|
30 | console.log(err)
|
31 | client.destroy()
|
32 | return reject(err)
|
33 | }
|
34 |
|
35 | const changes = [ldapChanges.replacePassword(newPassword)]
|
36 |
|
37 | let filter
|
38 | if (username) {
|
39 | filter = '(sAMAccountName=' + username + ')'
|
40 | } else if (email) {
|
41 | filter = '(mail=' + email + ')'
|
42 | } else if (upn) {
|
43 | filter = '(userPrincipalName=' + upn + ')'
|
44 | } else if (userDn) {
|
45 | filter = '(distinguishedName=' + userDn + ')'
|
46 | }
|
47 |
|
48 | const opts = {
|
49 | filter,
|
50 | scope: 'sub',
|
51 | attributes: ['objectGUID']
|
52 | }
|
53 |
|
54 | try {
|
55 | const user = await utils.applyChanges.call(this, client, this.baseDn, opts, changes)
|
56 |
|
57 | client.destroy()
|
58 | resolve(user)
|
59 | } catch (e) {
|
60 | client.destroy()
|
61 | reject(e)
|
62 | }
|
63 | })
|
64 | })
|
65 | }
|
66 |
|
67 | module.exports = resetPassword
|