Authenticate against an LDAP server

Usage no npm install needed!

<script type="module">
  import appcLdapauth from '';


Fork of node-ldapauth-fork just to rename dependency for ldapjs for new changes required Fork of node-ldapauth - A simple node.js lib to authenticate against an LDAP server.

Node v0.12 / dtrace-provider issue

Currently the latest released version of ldapjs which this module depends on does not install succesfully on Node v0.12 on Mac (see issue #258) due to old dtrace-provider dependency. To work around the issue, add dependency to ldapjs master to your package.json:

  "dependencies": {
    "ldapjs": "mcavage/node-ldapjs",
    "ldapauth-fork": "2.3.1"

About the fork

This fork was originally created and published because of an urgent need to get newer version of ldapjs in use to passport-ldapauth since the newer version supported passing tlsOptions to the TLS module. Since then a lot of issues from the original module (#2, #3, #8, #10, #11, #12, #13) have been fixed, and new features have been added as well.

Multiple ldapjs client options have been made available.


var LdapAuth = require('ldapauth-fork');
var options = {
    url: 'ldaps://',
var auth = new LdapAuth(options);
auth.authenticate(username, password, function(err, user) { ... });
auth.close(function(err) { ... })


npm install ldapauth-fork


MIT. See "LICENSE" file.

LdapAuth Config Options

Use the source Luke

express/connect basicAuth example

var connect = require('connect');
var LdapAuth = require('ldapauth-fork');

// Config from a .json or .ini file or whatever.
var config = {
  ldap: {
    url: "ldaps://",
    bindDn: "uid=myadminusername,ou=users,",
    bindCredentials: "mypassword",
    searchBase: "ou=users,",
    searchFilter: "(uid={{username}})"

var ldap = new LdapAuth({
  url: config.ldap.url,
  bindDn: config.ldap.bindDn,
  bindCredentials: config.ldap.bindCredentials,
  searchBase: config.ldap.searchBase,
  searchFilter: config.ldap.searchFilter,
  //log4js: require('log4js'),
  cache: true

var basicAuthMiddleware = connect.basicAuth(function (username, password, callback) {
  ldap.authenticate(username, password, function (err, user) {
    if (err) {
      console.log("LDAP auth error: %s", err);
    callback(err, user)