DecodeADTimestamp decodes an Active Directory timestamp @example ```javascript const ldap = require('nuclei/ldap'); const timestamp = ldap.DecodeADTimestamp('132036744000000000'); log(timestamp); ```.

DecodeSID decodes a SID string @example ```javascript const ldap = require('nuclei/ldap'); const sid = ldap.DecodeSID('S-1-5-21-3623811015-3361044348-30300820-1013'); log(sid); ```.

DecodeZuluTimestamp decodes a Zulu timestamp @example ```javascript const ldap = require('nuclei/ldap'); const timestamp = ldap.DecodeZuluTimestamp('2021-08-25T10:00:00Z'); log(timestamp); ```.

JoinFilters joins multiple filters into a single filter @example ```javascript const ldap = require('nuclei/ldap'); const filter = ldap.JoinFilters(ldap.FilterIsPerson, ldap.FilterAccountEnabled); ```.

NegativeFilter returns a negative filter for a given filter @example ```javascript const ldap = require('nuclei/ldap'); const filter = ldap.NegativeFilter(ldap.FilterIsPerson); ```.

Constructor for creating a new ldap client The following schemas are supported for url: ldap://, ldaps://, ldapi://, and cldap:// (RFC1798, deprecated but used by Active Directory).

The user account is disabled.

The user account is enabled.

The user can send an encrypted password.

Represents the password, which should never expire on the account.

This account doesn't require Kerberos pre-authentication for logging on.

The object has a service principal name.

The home folder is required.

It's a permit to trust an account for a system domain that trusts other domains.

The object is an admin.

The object is a computer.

It's an account for users whose primary account is in another domain.

The object is a group.

It's a default account type that represents a typical user.

The object is a person.

The user is locked out.

The logon script will be run.

It's an MNS logon account.

When this flag is set, the security context of the user isn't delegated to a service even if the service account is set as trusted for Kerberos delegation.

The account is a read-only domain controller (RODC).

The user can't change the password.

The user's password has expired.

No password is required.

It's a computer account for a domain controller that is a member of this domain.

When this flag is set, it forces the user to log on by using a smart card.

When this flag is set, the service account (the user or computer account) under which a service runs is trusted for Kerberos delegation.

The account is enabled for delegation.

Restrict this principal to use only Data Encryption Standard (DES) encryption types for keys.

It's a computer account for a computer that is running old Windows builds.