
@rbreslow
Created August 7, 2017 19:47
// LDAP front end built on ldapjs. createServer() is called with no options,
// so no TLS certificate or key is configured at this point.
var ldap = require('ldapjs');
var server = ldap.createServer();

// Declared here but not referenced anywhere in the code visible on this page.
var addrbooks = {};

// Accounts that are allowed to bind, keyed by the cn of the bind DN.
// NOTE(review): the password is stored in plaintext inside the source file;
// anyone who can read the file (or its history) can bind. Prefer loading it
// from a secret store or the environment and comparing against a hash.
var userinfo = {
  'jamf': { 'pwd': 'password1' }
};

// TCP port the LDAP listener uses.
var ldap_port = 3899;

// Suffix that both the bind and the search routes are mounted on.
var basedn = "dc=<domain>, dc=com";
// Google Admin SDK (Directory API v1) client plus the service-account key.
// The key file holds a private key: keep it out of version control and
// readable only by the account that runs this process.
var google = require('googleapis');
var key = require('<service account json key>');
var directory = google.admin('directory_v1');

// Read-only access to user records is the only scope requested.
var directoryScopes = ['https://www.googleapis.com/auth/admin.directory.user.readonly'];

// Account passed as the last JWT argument.
// NOTE(review): presumably the admin the service account impersonates via
// domain-wide delegation; confirm it carries no more privilege than needed.
var delegatedAdmin = 'sysadmin@<domain>.com';

var jwtClient = new google.auth.JWT(
  key.client_email,
  null, // second argument left null; the private key is passed inline below
  key.private_key,
  directoryScopes,
  delegatedAdmin
);
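/**
 * Compare two secrets without short-circuiting on the first differing byte.
 * Both values are hashed first so the buffers handed to timingSafeEqual
 * always have the same length.
 *
 * @param {string} expected - stored password
 * @param {string} supplied - password received in the bind request
 * @returns {boolean} true when the two values are identical
 */
function credentialsMatch(expected, supplied) {
  var crypto = require('crypto');
  var left = crypto.createHash('sha256').update(String(expected)).digest();
  var right = crypto.createHash('sha256').update(String(supplied)).digest();
  return crypto.timingSafeEqual(left, right);
}

/**
 * Simple-bind handler for every DN under basedn.
 *
 * The user name is the cn value of the first RDN of the bind DN; the bind
 * succeeds only when that name is a key of `userinfo` and the supplied
 * password equals the stored one. Any other request is answered with
 * InvalidCredentialsError.
 */
server.bind(basedn, function (req, res, next) {
  // The bind DN comes from the client. Its first RDN is not guaranteed to
  // carry a cn attribute, so look it up defensively instead of letting a
  // TypeError escape from the handler.
  var firstRdn = req.dn.rdns[0];
  var cnAttr = firstRdn && firstRdn.attrs && firstRdn.attrs.cn;
  var username = cnAttr ? cnAttr.value : undefined;
  var password = req.credentials;

  // Only the user name is logged. The submitted password must never reach
  // the logs: log files are usually readable by far more people and systems
  // than the credential itself.
  console.log(username);

  var isKnownUser = typeof username === 'string' &&
    Object.prototype.hasOwnProperty.call(userinfo, username);

  // Same error for "unknown user" and "wrong password" so the response does
  // not reveal which account names exist.
  if (!isKnownUser ||
      typeof password !== 'string' ||
      !credentialsMatch(userinfo[username].pwd, password)) {
    return next(new ldap.InvalidCredentialsError());
  }

  res.end();
  return next();
});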
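/**
 * Search handler for basedn.
 *
 * Lists the users of the Google directory through the Admin SDK, maps each
 * one to an LDAP entry and sends the entries that match the request filter.
 *
 * Access control: the search is served only when the connection is bound as
 * a user listed in `userinfo`. Without this check any client that can reach
 * the port could read the directory without binding at all.
 */
server.search(basedn, function (req, res, next) {
  // Derive the bound user from the connection's bind DN the same way the
  // bind handler derives it from the request DN.
  // NOTE(review): an unbound connection is expected to carry a bind DN whose
  // cn is not a key of `userinfo`; confirm against the ldapjs version in use.
  var bindRdn = req.connection.ldap.bindDN.rdns[0];
  var bindCn = bindRdn && bindRdn.attrs && bindRdn.attrs.cn;
  var boundUser = bindCn ? bindCn.value : undefined;
  if (typeof boundUser !== 'string' ||
      !Object.prototype.hasOwnProperty.call(userinfo, boundUser)) {
    return next(new ldap.InsufficientAccessRightsError());
  }

  // NOTE(review): only the first page of users.list is consumed; larger
  // directories would need paging.
  directory.users.list({auth: jwtClient, customer: 'my_customer'},
    function (err, listing) {
      if (err) {
        // Keep the upstream error detail on the server side and give the
        // LDAP client a generic failure instead of crashing on `listing`.
        console.error('Directory API users.list failed: %s', err.message);
        return next(new ldap.OperationsError('directory lookup failed'));
      }

      // A directory without users has no `users` property in the response.
      var users = (listing && listing.users) || [];

      users.forEach(function (user) {
        // NOTE(review): every entry is sent with the same DN; LDAP clients
        // normally expect one distinct DN per entry.
        var entry = {
          dn: "cn=users, " + basedn,
          attributes: {
            objectclass: ["top"],
            uidNumber: user.id,
            uid: user.primaryEmail.split('@')[0],
            cn: user.name.fullName,
            mail: user.primaryEmail
          }
        };
        if (req.filter.matches(entry.attributes)) {
          res.send(entry);
        }
      });

      res.end();
      return next();
    });
});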
// Start the listener on ldap_port and report the URL once it is up.
// No host argument is passed, and the server was created without TLS
// options, so bind passwords cross the network unencrypted.
// NOTE(review): restrict which hosts can reach this port, or configure TLS
// on createServer, before exposing it beyond a trusted segment.
function announceListening() {
  console.log("Addressbook started at %s", server.url);
}

server.listen(ldap_port, announceListening);