Sign in to follow this  
Followers 0
supersonic

adfunctions.au3 and user SID / GUID

10 posts in this topic

#1 ·  Posted (edited)

Hi!

Functions in this UDF are discussed many times before...

Here's another post to it... :)

When querying the SID attribute with _ADGetUserObjAttr()

a binary string will be returned. Same with GUID attribute.

How can I convert this binary SID to a string SID?

Maybe DllStructCreate() and DllStructGetData() could help,

but I'm not very famillar with these functions...

Anyone any idea?

Greets,

-supersonic.

Edited by supersonic

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

Hi supersonic,

yes you can. Here is a function that decodes all properties of an ad object. I use it all the time.

Edited by water

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

Thanks for your reply, but please give me a clue... :)

When I query the AD for a user SID I got the following string:

0x010500000000000515000000820F415AFCBFC959D81994C10C0A0000

How can I convert this string to a readable SID? Same with GUID.

Hi supersonic,

yes you can. Here is a function that decodes all properties of an ad object. I use it all the time.

Share this post


Link to post
Share on other sites

In Security udf (see help file -> User defined functions) there is function _Security__SidToStringSid to do what you need.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

I searched the help file before and noticed these functions.

When querying the AD with _ADGetUserObjAttr() i get e. g. this binary string:

0x010500000000000515000000820F415AFCBFC959D81994C10C0A0000

... witch stands for this SID: S-1-5-21-1514213250-1506394108-3247708632-2572

When feeding the Security.au3-functions with these strings from above

I get always empty results. I don't get it... :)

Can you provide a sample script?

In Security udf (see help file -> User defined functions) there is function _Security__SidToStringSid to do what you need.

Edited by supersonic

Share this post


Link to post
Share on other sites

You can retrieve a users SID this way:

#include <security.au3>
$Sid = _Security__LookupAccountName(@UserName)
MsgBox(0,"SID for " & @UserName,$Sid[0])


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2017-04-18 - Version 1.4.8.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (NEW 2017-02-27 - Version 1.3.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Sure, this works. I know. But it's a (lame) workaround and doesn't fit really into functions used (possible it will break their structure).

Thank you so far.

Anyone else?

You can retrieve a users SID this way:

#include <security.au3>
$Sid = _Security__LookupAccountName(@UserName)
MsgBox(0,"SID for " & @UserName,$Sid[0])

Edited by supersonic

Share this post


Link to post
Share on other sites

Well, to convert to strings:

#include <WinAPI.au3>

Global $bBinary = "0xAC1250AABFF894563FFFAC10982D33D45634ADCC193465A1"

Global $tBinaryGUID = DllStructCreate("byte[24]")
DllStructSetData($tBinaryGUID, 1, $bBinary)

Global $sGUID = _WinAPI_StringFromGUID(DllStructGetPtr($tBinaryGUID))

ConsoleWrite($sGUID & @CRLF)

#include <security.au3>

Global $bBinary = "0x010500000000000515000000820F415AFCBFC959D81994C10C0A0000"

Global $tBinarySID = DllStructCreate("byte[28]")
DllStructSetData($tBinarySID, 1, $bBinary)


Global $sSID = _Security__SidToStringSid(DllStructGetPtr($tBinarySID))

ConsoleWrite($sSID & @CRLF)

If you get wrong passing returned then something else is not ok.


♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

That's exactly what I was looking for! :)

Thank you very much! :)

Well, to convert to strings:

#include <WinAPI.au3>

Global $bBinary = "0xAC1250AABFF894563FFFAC10982D33D45634ADCC193465A1"

Global $tBinaryGUID = DllStructCreate("byte[24]")
DllStructSetData($tBinaryGUID, 1, $bBinary)

Global $sGUID = _WinAPI_StringFromGUID(DllStructGetPtr($tBinaryGUID))

ConsoleWrite($sGUID & @CRLF)

#include <security.au3>

Global $bBinary = "0x010500000000000515000000820F415AFCBFC959D81994C10C0A0000"

Global $tBinarySID = DllStructCreate("byte[28]")
DllStructSetData($tBinarySID, 1, $bBinary)


Global $sSID = _Security__SidToStringSid(DllStructGetPtr($tBinarySID))

ConsoleWrite($sSID & @CRLF)

If you get wrong passing returned then something else is not ok.

1 person likes this

Share this post


Link to post
Share on other sites

That's exactly what I was looking for! :)

Thank you very much! :)

Great.

GUID is 128 bits in length. That would be 16 bytes.

Since no one noticed (or care about), let me say that.

1 person likes this

♡♡♡

.

eMyvnE

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0