Forum Discussion
Dan_E
Altostratus
AltostratusiRules LX for APM password reset
We are attempting to use APM as a Self-Service Password Reset resolution. I can modify Active Directory attributes than to this article https://devcentral.f5.com/s/articles/apm-cookbook-modify-ldap-...
JacobAx
Nimbostratus
NimbostratusHi, If this question is still relevant I have an incomplete code, but the password reset works, this should get you started in your devolpment.
If you are intrested i'll can get back at you and post the final product once done!
Please note that this is currently in development and validation should occur in irule before sending data to the workspace
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
var f5 = require('f5-nodejs');
var ldap = require('ldapjs');
const bind_url = 'ldaps url';
const bind_dn = 'enter DN';
const bind_pw = 'enter password here';
var ilx = new f5.ILXServer();
ilx.listen();
function ldap_unbind(client){
client.unbind(function(err) {
if (err) {
console.log('Error Unbinding.');
}
});
}
ilx.addMethod('ldap_pwreset', function(ldap_pwreset, response) {
var newPassword = ldap_pwreset.params()[0];
var DN = ldap_pwreset.params()[1];
this.ldapClient = ldap.createClient({
url: bind_url,
tlsOptions: { 'rejectUnauthorized': false },
reconnect: {
initialDelay: 100,
maxDelay: 1000,
failAfter: 10
}
});
const ldap_client = this.ldapClient;
// do a rebind when reconnect
this.ldapClient.on('connect', function () {
ldap_client.bind(bind_dn, bind_pw, err => {
if (err) {
console.log('error while ldap binding' + err);
}
});
ldap_client.bind(bind_dn, bind_pw, function(err) {
if (err) {
console.log(err)
}
});
function encodePassword(password) {
return new Buffer('"' + password + '"', 'utf16le').toString();
}
const change = new ldap.Change({
operation: 'replace',
modification: { unicodePwd: encodePassword(newPassword) },
});
ldap_client.modify(DN, change, function(err) {
if (err) {
ldap_unbind(ldap_client);
response.reply(err);
}else{
ldap_unbind(ldap_client);
response.reply('success');
}
});
});
});