Jump to content

AzureAD ObjectiD to SID converter

gmmg
 Share

Recommended Posts

gmmg Seeker

gmmg

Posted
Posted

Hello,

Attached a script for converting the AzureAD ObjectID to the SID. The Autoit script was created using the PowerShell script (see link) via ChatGPT.

It took many attempts via ChatGpt before the result was correct :)

https://github.com/okieselbach/Intune/blob/master/Convert-AzureAdObjectIdToSid.ps1 

; Example
Local $ObjectID = "95a75231-0a1e-4319-8496-7f3b9629d8ed"
Local $sid = ConvertAzureAdObjectIdToSid($ObjectID)

ConsoleWrite("SID: " & $sid & @CRLF)
;Result = S-1-12-1-2510770737-1125714462-998217348-3990366614


Func ConvertAzureAdObjectIdToSid($ObjectID)
    $ObjectID = StringLower(StringReplace($ObjectID, "-", ""))
    If StringLen($ObjectID) <> 32 Then Return SetError(1, 0, "Ungültige GUID")

    Local $b[16]

    ; Data1 (4 bytes LE)
    $b[0] = Dec(StringMid($ObjectID, 7, 2))
    $b[1] = Dec(StringMid($ObjectID, 5, 2))
    $b[2] = Dec(StringMid($ObjectID, 3, 2))
    $b[3] = Dec(StringMid($ObjectID, 1, 2))

    ; Data2 (2 bytes LE)
    $b[4] = Dec(StringMid($ObjectID, 11, 2))
    $b[5] = Dec(StringMid($ObjectID, 9, 2))

    ; Data3 (2 bytes LE)
    $b[6] = Dec(StringMid($ObjectID, 15, 2))
    $b[7] = Dec(StringMid($ObjectID, 13, 2))

    ; Data4 (8 bytes as-is)
    Local $offset = 17
    For $i = 8 To 15
        $b[$i] = Dec(StringMid($ObjectID, $offset, 2))
        $offset += 2
    Next

    ; Convert into UInt32
    Local $sidPart[4]
    For $i = 0 To 3
        Local $j = $i * 4
        $sidPart[$i] = UInt32FromBytes($b[$j], $b[$j + 1], $b[$j + 2], $b[$j + 3])
    Next

    Return "S-1-12-1-" & $sidPart[0] & "-" & $sidPart[1] & "-" & $sidPart[2] & "-" & $sidPart[3]
EndFunc

Func UInt32FromBytes($b0, $b1, $b2, $b3)
    ; UInt32 = b0 + (b1 << 8) + (b2 << 16) + (b3 << 24)
    Local $u = _
        BitAND($b0, 0xFF) + _
        BitShift(BitAND($b1, 0xFF), -8) + _
        BitShift(BitAND($b2, 0xFF), -16) + _
        BitShift(BitAND($b3, 0xFF), -24)

    ; Handling negatives due to signed int overflow
    If $u < 0 Then $u += 0x100000000
    Return $u
EndFunc

Greetings,

gmmg

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...