LDAP Search Script Issue w/ Apostrophes

Kelli42
Tera Contributor

‎04-29-2023 08:31 PM

I have a script for validating user provided group names against Active Directory to ensure they exist. It works great unless the group name has an apostrophe in it - those groups are not found. It seems like this is a known issue with LDAP queries but I’m not seeing how to resolve it. Does anyone know?

0 Helpfuls
  • 313 Views
1 REPLY 1

Ratnakar7
Mega Sage
Mega Sage

‎04-30-2023 09:44 AM

Hi @Kelli42 ,

 

Yes, this is a known issue with LDAP queries. When using apostrophes in LDAP queries, the apostrophe needs to be escaped by using a backslash (').

In your script, you can modify the group name before passing it to the LDAP query to escape any apostrophes. Here's an example:

// assuming groupName is the user-provided group name
var escapedGroupName = groupName.replace(/'/g, "\\'"); // replace apostrophes with escaped apostrophes

// perform LDAP search using escaped group name
var result = ldap.search('(&(objectCategory=group)(cn=' + escapedGroupName + '))');

 

Thanks,

Ratnakar