[jcifs] Problem with retrieving SID

Michael B Allen mba2000 at ioplex.com
Thu Aug 3 16:47:03 GMT 2006 

Are you sure the logic of your loop is ok? If accountSid isn't set for
some reason you'll add the same sid to your vector more than once.

Mike

On Thu, 3 Aug 2006 14:07:52 +0000 (UTC)
Eugene <esudarikov at cinimex.ru> wrote:

> Hi!
> We need to get user's SID form Active Directory.
> The problem is that we sometimes recieve equal values,
> but in Active Directory the values are different!!!  
> We use following code:
> 
> static private Vector getUsersForUnit(String conLogin, String conPass,
> String conString, String cnRoot, String user) throws NamingException {
> 		
> Vector sid = new Vector();
> NamingEnumeration results = init(conLogin, conPass,
> conString, cnRoot, "(&(objectClass=person)(sAMAccountName=" + user +"*))");
> 
> while (results != null && results.hasMore()) {
>    SearchResult si = (SearchResult) results.next();
>    Attributes attrs = si.getAttributes();
>    if (attrs == null) {
>    System.out.println("No attributes");
>    } else {
>       String samAccount = null;
>       byte[] accountSid = null;
>       
>       for (NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) {
>          Attribute attr = (Attribute) ae.next();
>          String attrId = attr.getID();
>          Enumeration vals = attr.getAll();
>          while (vals.hasMoreElements()) {
>             String value = vals.nextElement().toString();
>             if(attrId.compareTo("sAMAccountName") == 0) {
>                 samAccount = value;
>             }			
>             if(attrId.compareTo("objectSid") == 0) {
>                try {
>                   accountSid = value.getBytes("UTF-16");
>                }catch (UnsupportedEncodingException e) {}
>             }
>          }
>       }
>       sid.add(new Sid(hexToChar(accountSid), samAccount));
>    }
> }        
> return sid;
> }
> 
> For example in expression
> accountSid = value.getBytes("UTF-16")
> for 2 different SID:
> S-1-5-21-111897851-636822014-903097961-14302 and
> S-1-5-21-111897851-636822014-903097961-14301
> we get the same byte array:
> [-2, -1, 0, 1, 0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 21, 0, 0,
> 0, 0, 0, 0, -1, -3, 0, 108, -1, -3, 0, 6, -1, -3, 0, 33, -1, -3, 0, 37,
> 0, 105, 0, 46, -1, -3, 0, 53, -1, -3, 0, 55, 0, 0, 0, 0]
> 
> Thank you for reply!
> 
> 


-- 
Michael B Allen
PHP Active Directory SSO
http://www.ioplex.com/

More information about the jcifs mailing list