
Untitled

a guest
Feb 17th, 2017
  1. package main
  2.  
  3. import (
  4. "fmt"
  5. "strings"
  6. "gopkg.in/ldap.v2"
  7. )
  8.  
  // Directory endpoint and the service account used for searching.
  //
  // NOTE(review): the bind password is hard-coded here as a sample value.
  // Real credentials belong in the environment or a secret store, not in
  // source that can end up in a repository or a public paste.
  //
  // NOTE(review): 389 is the cleartext LDAP port; the binds in this program
  // send their passwords unencrypted unless TLS is negotiated first.
  const (
  	ldapServer   = "ad.example.com:389"
  	ldapBind     = "search@example.com"
  	ldapPassword = "Password123!"
  )

  // Search scope and filter template.
  //
  // filterDN matches person objects that are members of the Chat group and
  // whose sAMAccountName or mail equals the "{username}" placeholder, which
  // filter() substitutes. The OID 1.2.840.113556.1.4.1941 is Active
  // Directory's "matching rule in chain", so nested group membership counts.
  const (
  	filterDN = "(&(objectClass=person)(memberOf:1.2.840.113556.1.4.1941:=CN=Chat,CN=Users,DC=example,DC=com)(|(sAMAccountName={username})(mail={username})))"
  	baseDN   = "CN=Users,DC=example,DC=com"
  )

  // Sample login that auth() verifies. These are hard-coded demo values; in a
  // real login flow both would come from the user and must be treated as
  // untrusted input.
  const (
  	loginUsername = "tboerger"
  	loginPassword = "password"
  )
  20.  
  // main connects with the search account, lists the members matched by the
  // group filter and then verifies the sample login. It stops at the first
  // step that reports an error and prints that error.
  func main() {
  	conn, err := connect()
  	if err != nil {
  		fmt.Printf("Failed to connect. %s", err)
  		return
  	}
  	defer conn.Close()

  	// Run the two steps in order; auth is skipped when list already failed.
  	err = list(conn)
  	if err == nil {
  		err = auth(conn)
  	}
  	if err != nil {
  		fmt.Printf("%v", err)
  	}
  }
  41.  
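  // connect dials ldapServer over TCP, binds as the search account
  // (ldapBind / ldapPassword) and returns the bound connection. On success the
  // caller owns the connection and must Close it; on failure nil is returned
  // and nothing is left open.
  //
  // NOTE(review): ldap.Dial opens a plain TCP connection without TLS, so the
  // Bind below sends ldapPassword in cleartext. Before using this against a
  // real directory, upgrade the connection with conn.StartTLS or dial with
  // ldap.DialTLS, and verify the server certificate.
  func connect() (*ldap.Conn, error) {
  	conn, err := ldap.Dial("tcp", ldapServer)
  	if err != nil {
  		return nil, fmt.Errorf("Failed to connect. %s", err)
  	}

  	if err := conn.Bind(ldapBind, ldapPassword); err != nil {
  		// The caller only receives nil here and cannot close the socket
  		// itself, so release it before reporting the failure.
  		conn.Close()
  		return nil, fmt.Errorf("Failed to bind. %s", err)
  	}

  	return conn, nil
  }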
  55.  
  // list searches the whole subtree under baseDN with the group filter and a
  // "*" username, and prints one line per returned entry: DN, given name,
  // surname, sAMAccountName and mail.
  //
  // The "*" is passed to filter() unescaped on purpose so that it acts as a
  // wildcard. Both limit arguments are 0, i.e. the request itself sets no
  // size or time limit; whatever the server enforces still applies.
  func list(conn *ldap.Conn) error {
  	wanted := []string{"dn", "sAMAccountName", "mail", "sn", "givenName"}

  	req := ldap.NewSearchRequest(
  		baseDN,
  		ldap.ScopeWholeSubtree,
  		ldap.NeverDerefAliases,
  		0,
  		0,
  		false,
  		filter("*"),
  		wanted,
  		nil,
  	)

  	found, err := conn.Search(req)
  	if err != nil {
  		return fmt.Errorf("Failed to search users. %s", err)
  	}

  	for _, person := range found.Entries {
  		given := person.GetAttributeValue("givenName")
  		surname := person.GetAttributeValue("sn")
  		account := person.GetAttributeValue("sAMAccountName")
  		mail := person.GetAttributeValue("mail")

  		fmt.Printf("%s: %s %s -- %v -- %v\n", person.DN, given, surname, account, mail)
  	}

  	return nil
  }
  86.  
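  // auth verifies loginUsername / loginPassword in two steps: it looks up the
  // user's DN with the search account's connection, then re-binds the same
  // connection as that DN with the supplied password.
  //
  // It returns an error when the lookup fails, when the lookup yields zero or
  // more than one entry, when the password is empty, or when the bind is
  // rejected. A nil return means the credentials were accepted.
  //
  // NOTE(review): after a successful bind conn is authenticated as the user,
  // not as the search account. Re-bind as the search account before reusing
  // the connection for further searches.
  func auth(conn *ldap.Conn) error {
  	// A simple bind with an empty password is an "unauthenticated bind",
  	// which a server may answer with success without checking anything.
  	// Reject it up front so it can never count as a valid login.
  	if loginPassword == "" {
  		return fmt.Errorf("Password must not be empty")
  	}

  	result, err := conn.Search(ldap.NewSearchRequest(
  		baseDN,
  		ldap.ScopeWholeSubtree,
  		ldap.NeverDerefAliases,
  		0,
  		0,
  		false,
  		// Escape the login name so that filter metacharacters such as
  		// * ( ) \ are matched literally instead of changing the filter.
  		filter(ldap.EscapeFilter(loginUsername)),
  		[]string{"dn"},
  		nil,
  	))

  	if err != nil {
  		return fmt.Errorf("Failed to find user. %s", err)
  	}

  	// Exactly one entry must match; anything else is ambiguous and must not
  	// be used as a bind target.
  	if len(result.Entries) < 1 {
  		return fmt.Errorf("User does not exist")
  	}

  	if len(result.Entries) > 1 {
  		return fmt.Errorf("Too many entries returned")
  	}

  	// Report a rejected bind to the caller instead of printing it and
  	// returning nil, so a failed login cannot be mistaken for success.
  	if err := conn.Bind(result.Entries[0].DN, loginPassword); err != nil {
  		return fmt.Errorf("Failed to auth. %s", err)
  	}

  	fmt.Printf("Authenticated successfuly!")

  	return nil
  }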
  120.  
  // filter returns filterDN with every "{username}" placeholder replaced by
  // needle.
  //
  // The substitution is verbatim: needle is NOT escaped, which is what lets
  // list() pass "*" as a wildcard. Any value that originates from a user must
  // be escaped by the caller (for example with ldap.EscapeFilter) before it is
  // passed in, otherwise it can rewrite the filter.
  func filter(needle string) string {
  	pieces := strings.Split(filterDN, "{username}")

  	return strings.Join(pieces, needle)
  }