I'm trying to write a perl program to get user information my boss wants using Net::LDAP in perl. I'm doing fairly well, but when I try to get the objectSid from the user list, it comes in packed or encrypted in some fashion. Since dumping the users using the command "net ads search '(&(objectClass=person)(objectCategory=person))'" gets me an unscrambled objectSid, I figure someone out there knows how to put it into human-readable form. Celeste Suliin Burris Systems Administrator Tacoma Economic Development Department Email - csburris@ci.tacoma.wa.us
On Tue, 2004-09-14 at 10:13, Celeste Suliin Burris wrote:> I'm trying to write a perl program to get user information my boss > wants using Net::LDAP in perl. I'm doing fairly well, but when I try to > get the objectSid from the user list, it comes in packed or encrypted > in some fashion.packed. The SID is binary encoded into the 'standard' format for SIDs in CIFS, then binary encoded as per the ldap rules.> Since dumping the users using the command "net ads > search '(&(objectClass=person)(objectCategory=person))'" gets me an > unscrambled objectSid, I figure someone out there knows how to put it > into human-readable form.Yes, we have C code that handles that. Doing it in perl will be another matter... lib/util_sid.c:sid_parse() in the Samba3 sources might help. Andrew Bartlett -- Andrew Bartlett abartlet@samba.org Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20040915/2e451edd/attachment.bin
Burris, Celeste Suliin
2004-Sep-15 03:20 UTC
[Samba] Field Definition for objectSid (LDAP)
Since perl has an "unpack" statement nearly identical to C, that should work. If I get it working and there is any interest, I'll post it. This week, I'm in class learning Python - what's another programming language. -----Original Message----- From: Andrew Bartlett To: Celeste Suliin Burris Cc: samba@lists.samba.org Sent: 9/14/2004 4:18 PM Subject: Re: [Samba] Field Definition for objectSid (LDAP) On Tue, 2004-09-14 at 10:13, Celeste Suliin Burris wrote:> I'm trying to write a perl program to get user information my boss > wants using Net::LDAP in perl. I'm doing fairly well, but when I tryto> get the objectSid from the user list, it comes in packed or encrypted > in some fashion.packed. The SID is binary encoded into the 'standard' format for SIDs in CIFS, then binary encoded as per the ldap rules.> Since dumping the users using the command "net ads > search '(&(objectClass=person)(objectCategory=person))'" gets me an > unscrambled objectSid, I figure someone out there knows how to put it > into human-readable form.Yes, we have C code that handles that. Doing it in perl will be another matter... lib/util_sid.c:sid_parse() in the Samba3 sources might help. Andrew Bartlett -- Andrew Bartlett abartlet@samba.org Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net