Documentation Index
Fetch the complete documentation index at: https://projectdiscovery-new-js-docs.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Namespace: ldap
Table of contents
Classes
Interfaces
Variables
Functions
Variables
FilterAccountDisabled
• Const FilterAccountDisabled: "(userAccountControl:1.2.840.113556.1.4.803:=2)"
The user account is disabled.
Defined in
ldap.ts:4
FilterAccountEnabled
• Const FilterAccountEnabled: "(!(userAccountControl:1.2.840.113556.1.4.803:=2))"
The user account is enabled.
Defined in
ldap.ts:7
FilterCanSendEncryptedPassword
• Const FilterCanSendEncryptedPassword: "(userAccountControl:1.2.840.113556.1.4.803:=128)"
The user can send an encrypted password.
Defined in
ldap.ts:10
FilterDontExpirePassword
• Const FilterDontExpirePassword: "(userAccountControl:1.2.840.113556.1.4.803:=65536)"
Represents the password, which should never expire on the account.
Defined in
ldap.ts:13
FilterDontRequirePreauth
• Const FilterDontRequirePreauth: "(userAccountControl:1.2.840.113556.1.4.803:=4194304)"
This account doesn’t require Kerberos pre-authentication for logging on.
Defined in
ldap.ts:16
FilterHasServicePrincipalName
• Const FilterHasServicePrincipalName: "(servicePrincipalName=*)"
The object has a service principal name.
Defined in
ldap.ts:19
FilterHomedirRequired
• Const FilterHomedirRequired: "(userAccountControl:1.2.840.113556.1.4.803:=8)"
The home folder is required.
Defined in
ldap.ts:22
FilterInterdomainTrustAccount
• Const FilterInterdomainTrustAccount: "(userAccountControl:1.2.840.113556.1.4.803:=2048)"
It’s a permit to trust an account for a system domain that trusts other domains.
Defined in
ldap.ts:25
FilterIsAdmin
• Const FilterIsAdmin: "(adminCount=1)"
The object is an admin.
Defined in
ldap.ts:28
FilterIsComputer
• Const FilterIsComputer: "(objectCategory=computer)"
The object is a computer.
Defined in
ldap.ts:31
FilterIsDuplicateAccount
• Const FilterIsDuplicateAccount: "(userAccountControl:1.2.840.113556.1.4.803:=256)"
It’s an account for users whose primary account is in another domain.
Defined in
ldap.ts:34
FilterIsGroup
• Const FilterIsGroup: "(objectCategory=group)"
The object is a group.
Defined in
ldap.ts:37
FilterIsNormalAccount
• Const FilterIsNormalAccount: "(userAccountControl:1.2.840.113556.1.4.803:=512)"
It’s a default account type that represents a typical user.
Defined in
ldap.ts:40
FilterIsPerson
• Const FilterIsPerson: "(objectCategory=person)"
The object is a person.
Defined in
ldap.ts:43
FilterLockout
• Const FilterLockout: "(userAccountControl:1.2.840.113556.1.4.803:=16)"
The user is locked out.
Defined in
ldap.ts:46
FilterLogonScript
• Const FilterLogonScript: "(userAccountControl:1.2.840.113556.1.4.803:=1)"
The logon script will be run.
Defined in
ldap.ts:49
FilterMnsLogonAccount
• Const FilterMnsLogonAccount: "(userAccountControl:1.2.840.113556.1.4.803:=131072)"
It’s an MNS logon account.
Defined in
ldap.ts:52
FilterNotDelegated
• Const FilterNotDelegated: "(userAccountControl:1.2.840.113556.1.4.803:=1048576)"
When this flag is set, the security context of the user isn’t delegated to a service even if the service account is set as trusted for Kerberos delegation.
Defined in
ldap.ts:55
FilterPartialSecretsAccount
• Const FilterPartialSecretsAccount: "(userAccountControl:1.2.840.113556.1.4.803:=67108864)"
The account is a read-only domain controller (RODC).
Defined in
ldap.ts:58
FilterPasswordCantChange
• Const FilterPasswordCantChange: "(userAccountControl:1.2.840.113556.1.4.803:=64)"
The user can’t change the password.
Defined in
ldap.ts:61
FilterPasswordExpired
• Const FilterPasswordExpired: "(userAccountControl:1.2.840.113556.1.4.803:=8388608)"
The user’s password has expired.
Defined in
ldap.ts:64
FilterPasswordNotRequired
• Const FilterPasswordNotRequired: "(userAccountControl:1.2.840.113556.1.4.803:=32)"
No password is required.
Defined in
ldap.ts:67
FilterServerTrustAccount
• Const FilterServerTrustAccount: "(userAccountControl:1.2.840.113556.1.4.803:=8192)"
It’s a computer account for a domain controller that is a member of this domain.
Defined in
ldap.ts:70
FilterSmartCardRequired
• Const FilterSmartCardRequired: "(userAccountControl:1.2.840.113556.1.4.803:=262144)"
When this flag is set, it forces the user to log on by using a smart card.
Defined in
ldap.ts:73
FilterTrustedForDelegation
• Const FilterTrustedForDelegation: "(userAccountControl:1.2.840.113556.1.4.803:=524288)"
When this flag is set, the service account (the user or computer account) under which a service runs is trusted for Kerberos delegation.
Defined in
ldap.ts:76
FilterTrustedToAuthForDelegation
• Const FilterTrustedToAuthForDelegation: "(userAccountControl:1.2.840.113556.1.4.803:=16777216)"
The account is enabled for delegation.
Defined in
ldap.ts:79
FilterUseDesKeyOnly
• Const FilterUseDesKeyOnly: "(userAccountControl:1.2.840.113556.1.4.803:=2097152)"
Restrict this principal to use only Data Encryption Standard (DES) encryption types for keys.
Defined in
ldap.ts:82
FilterWorkstationTrustAccount
• Const FilterWorkstationTrustAccount: "(userAccountControl:1.2.840.113556.1.4.803:=4096)"
It’s a computer account for a computer that is running old Windows builds.
Defined in
ldap.ts:85
Functions
DecodeADTimestamp
▸ DecodeADTimestamp(timestamp): string
DecodeADTimestamp decodes an Active Directory timestamp
Parameters
Returns
string
Example
const ldap = require('nuclei/ldap');
const timestamp = ldap.DecodeADTimestamp('132036744000000000');
log(timestamp);
Defined in
ldap.ts:96
DecodeSID
▸ DecodeSID(s): string
DecodeSID decodes a SID string
Parameters
Returns
string
Example
const ldap = require('nuclei/ldap');
const sid = ldap.DecodeSID('S-1-5-21-3623811015-3361044348-30300820-1013');
log(sid);
Defined in
ldap.ts:111
DecodeZuluTimestamp
▸ DecodeZuluTimestamp(timestamp): string
DecodeZuluTimestamp decodes a Zulu timestamp
Parameters
Returns
string
Example
const ldap = require('nuclei/ldap');
const timestamp = ldap.DecodeZuluTimestamp('2021-08-25T10:00:00Z');
log(timestamp);
Defined in
ldap.ts:126
JoinFilters
▸ JoinFilters(filters): string
JoinFilters joins multiple filters into a single filter
Parameters
Returns
string
Example
const ldap = require('nuclei/ldap');
const filter = ldap.JoinFilters(ldap.FilterIsPerson, ldap.FilterAccountEnabled);
Defined in
ldap.ts:140
NegativeFilter
▸ NegativeFilter(filter): string
NegativeFilter returns a negative filter for a given filter
Parameters
Returns
string
Example
const ldap = require('nuclei/ldap');
const filter = ldap.NegativeFilter(ldap.FilterIsPerson);
Defined in
ldap.ts:154
