Active Directory client library.
The library is a wrapper around the go-ldap/ldap module that provides a more convenient client for Active Directory.
Import the module in your Go app:
import "github.com/dlampsi/adc"
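// Init client.
// The ldaps:// scheme selects LDAP over TLS, so the bind credentials below are
// not sent in clear text. "***" is a placeholder: load the bind password from
// the environment or a secret store at runtime instead of committing it to
// source control.
cl := adc.New(&adc.Config{
	URL:        "ldaps://my.ad.site:636",
	SearchBase: "OU=some,DC=company,DC=com",
	Bind: &adc.BindAccount{
		DN:       "CN=admin,DC=company,DC=com",
		Password: "***",
	},
})

// Connect
if err := cl.Connect(); err != nil {
	// Handle error
}

// Search for a user.
user, err := cl.GetUser(&adc.GetUserRequest{Id: "userId"})
if err != nil {
	// Handle error
}
// A nil user together with a nil error is the "not found" case.
if user == nil {
	// Handle not found
}
fmt.Println(user)

// Search for a group.
group, err := cl.GetGroup(&adc.GetGroupRequest{Id: "groupId"})
if err != nil {
	// Handle error
}
// A nil group together with a nil error is the "not found" case.
if group == nil {
	// Handle not found
}
fmt.Println(group)

// Add new users to group members.
// Membership changes are directory writes: give the bind account only the
// rights it needs on the groups it manages, and log who requested the change.
added, err := cl.AddGroupMembers("groupId", "newUserId1", "newUserId2", "newUserId3")
if err != nil {
	// Handle error
}
fmt.Printf("Added %d members", added)

// Delete users from group members.
deleted, err := cl.DeleteGroupMembers("groupId", "userId1", "userId2")
if err != nil {
	// Handle error
}
fmt.Printf("Deleted %d users from group members", deleted)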
By default, the client initializes with the default config file. You can find it in the DefaultUsersConfigs() func.
Custom authentication check for provided credentials:
// Check a DN/password pair; the sample treats a non-nil error as bad credentials.
// NOTE(review): LDAP servers can treat a simple bind with a DN and an empty
// password as an unauthenticated bind that succeeds (RFC 4513, section 5.1.2).
// Reject empty passwords before this call unless the library is confirmed to
// do so itself.
authErr := cl.CheckAuthByDN("CN=user,DC=company,DC=com", "password")
if authErr != nil {
	// Handle bad credentials error
}
You can set a custom search base for users/groups in the config:
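// Client config with a dedicated search base for user lookups.
// "***" is a placeholder: load the bind password from the environment or a
// secret store at runtime instead of committing it to source control.
cfg := &adc.Config{
	URL:        "ldaps://my.ad.site:636",
	SearchBase: "OU=some,DC=company,DC=com",
	Bind:       &adc.BindAccount{DN: "CN=admin,DC=company,DC=com", Password: "***"},
	Users: &adc.UsersConfigs{
		// Overrides the top-level SearchBase for users only; a narrow base
		// also limits which directory entries a lookup can return.
		SearchBase: "OU=users_base,DC=company,DC=com",
	},
}

// New lives in the adc package, so it is called through the package name.
cl := adc.New(cfg)
if err := cl.Connect(); err != nil {
	// Handle error
}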
You can pass custom attributes to the client config so that they are fetched when users or groups are retrieved:
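// Append new attributes to the existing user attributes.
cl.Config().AppendUsesAttributes("manager")

// Search for a user.
user, err := cl.GetUser(&adc.GetUserRequest{Id: "userId"})
if err != nil {
	// Handle error
}
if user == nil {
	// Handle not found and return here: the attribute lookup below needs a
	// non-nil user.
}

// Get the custom attribute from the user that was just fetched.
userManager := user.GetStringAttribute("manager")
fmt.Println(userManager)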
You can also pass custom attributes with each get request:
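// Request the extra "manager" attribute for this lookup only.
user, err := cl.GetUser(&adc.GetUserRequest{Id: "userId", Attributes: []string{"manager"}})
if err != nil {
	// Handle error
}
// A nil user with a nil error is the "not found" case; do not read
// attributes from it.
if user == nil {
	// Handle not found
}

// Get the custom attribute from the user that was just fetched.
userManager := user.GetStringAttribute("manager")
fmt.Println(userManager)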
You can pass custom search filters to the client config:
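// Client config with custom LDAP search filters for id lookups.
// "***" is a placeholder: load the bind password from the environment or a
// secret store at runtime instead of committing it to source control.
cfg := &adc.Config{
	URL:        "ldaps://my.ad.site:636",
	SearchBase: "OU=some,DC=company,DC=com",
	Bind:       &adc.BindAccount{DN: "CN=admin,DC=company,DC=com", Password: "***"},
	// The %v placeholder in each filter stands for the requested id.
	// NOTE(review): if ids can come from untrusted input, they must be escaped
	// for LDAP filters (RFC 4515; go-ldap provides ldap.EscapeFilter) so that
	// characters such as '*', '(' and ')' cannot change the filter. Confirm
	// whether adc escapes the id before formatting; if not, escape it in the
	// caller.
	Users: &adc.UsersConfigs{
		FilterById: "(&(objectClass=person)(cn=%v))",
	},
	Groups: &adc.GroupsConfigs{
		FilterById: "(&(objectClass=group)(cn=%v))",
	},
}

// New lives in the adc package, so it is called through the package name.
cl := adc.New(cfg)
if err := cl.Connect(); err != nil {
	// Handle error
}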
You can specify a custom logger for the client. The logger must implement the Logger
interface. Provide the logger during client init:
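// Build the client with a custom logger; myCustomLogger must implement the
// Logger interface. New lives in the adc package, so it is called through the
// package name, like WithLogger.
cl := adc.New(cfg, adc.WithLogger(myCustomLogger))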
The client has a reconnect method that validates the connection to the server and reconnects to it with the provided ticker interval and retry attempts count.
Example of reconnecting every 5 seconds with 24 retry attempts:
// Reconnect on a 5-second ticker with 24 retry attempts.
// nctx is declared by the caller and is not shown here; presumably a
// context.Context (confirm against the Reconnect signature).
retryTicker := time.NewTicker(5 * time.Second)
err := cl.Reconnect(nctx, retryTicker, 24)
if err != nil {
	// Handle error
}
- Create a new PR from the `main` branch
- Request review from maintainers