node package manager



Sponsored by Leonidas

Fork of node-ldapauth - A simple node.js lib to authenticate against an LDAP server.

About the fork

This fork was originally created and published because of an urgent need to get newer version of ldapjs in use to passport-ldapauth since the newer version supported passing tlsOptions to the TLS module. Since then a lot of issues from the original module (#2, #3, #8, #10, #11, #12, #13) have been fixed, and new features have been added as well.

Multiple ldapjs client options have been made available.


var LdapAuth = require('ldapauth-fork');
var options = {
  url: 'ldaps://',
var auth = new LdapAuth(options);
auth.on('error', function (err) {
  console.error('LdapAuth: ', err);
auth.authenticate(username, password, function(err, user) { ... });
auth.close(function(err) { ... })


npm install ldapauth-fork


MIT. See "LICENSE" file.

LdapAuth Config Options

Use the source Luke

express/connect basicAuth example

var basicAuth = require('basic-auth');
var LdapAuth = require('ldapauth-fork');
var ldap = new LdapAuth({
  url: "ldaps://",
  bindDn: "uid=myadminusername,ou=users,",
  bindCredentials: "mypassword",
  searchBase: "ou=users,",
  searchFilter: "(uid={{username}})",
  reconnect: true
var rejectBasicAuth = function(res) {
  res.statusCode = 401;
  res.setHeader('WWW-Authenticate', 'Basic realm="Example"');
  res.end('Access denied');
var basicAuthMiddleware = function(req, res, next) {
  var credentials = basicAuth(req);
  if (!credentials) {
    return rejectBasicAuth(res);
  ldap.authenticate(, credentials.pass, function(err, user) {
    if (err) {
      return rejectBasicAuth(res);
    req.user = user;

ldapauth-fork has been partially sponsored by Leonidas Ltd.