different GUID formats in AD?

Gémes Géza geza at kzsdabas.hu
Mon Apr 1 13:45:58 MDT 2013


Hi,

Sorry if it is well known, I just didn't find a pointer.

I am trying to figure out how smart card logon could be implemented using 
Samba4 (I'm using ejbca as the CA, which has a procedure for Win DCs, and 
I am trying to adapt it).

If I obtain the GUID of a (Samba 4.0.4) domain controller via ldbsearch:
ldbsearch -H /usr/local/samba/private/sam.ldb cn=DC0 objectGUID

I get:

objectGUID: c848f583-71f2-435b-afb6-8d5c9df4ae58

(which is what can be expected, according to:
http://en.wikipedia.org/wiki/Globally_unique_identifier
or
http://msdn.microsoft.com/en-us/library/aa373931%28VS.85%29.aspx)

however if I run the following vbscript (with command line argument DC0) 
on a Windows 7 domain member:

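' Command line argument: the DC's common name (e.g. DC0)
Set args = WScript.Arguments
Set objStdOut = WScript.StdOut
ServerName = args.Item(0)

' Look up the domain's default naming context via RootDSE
Set iAdRootDSE = GetObject("LDAP://RootDSE")
sDefaultNamingContext = iAdRootDSE.Get("defaultNamingContext")

' Bind to the DC's computer object under OU=Domain Controllers
ouName = "OU=Domain Controllers"
Set objDC = GetObject("LDAP://CN=" & ServerName & "," & ouName & "," & sDefaultNamingContext)

' Read the object's GUID and DNS host name through ADSI
sGUID = objDC.GUID
sDNShostname = objDC.dNSHostName

objStdOut.WriteLine("GUID: " & sGUID)
objStdOut.WriteLine("DNS hostname: " & sDNShostname)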

(The script is based on 
http://download.primekey.se/ejbca/smartcardlogon/ReleasePackage/Scripts/1.%20GenerateDCCertRequest.vbs 
which should be used to generate a certificate request on a Windows DC)

it gives:
GUID: 83f548c8f2715b43afb68d5c9df4ae58
DNS hostname: DC0.kzsdabas.hu

I would be happy if anyone could give me a pointer as to why the data1 and 
data2 bytes are swapped while data3 and data4 are in the original order.

Cheers

Geza Gemes
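
Added example (not part of the original post): the two values above are the same 16 bytes shown two ways. In the binary GUID structure the Data1, Data2 and Data3 fields are little-endian integers and Data4 is a plain byte array; the ADSI GUID property prints the stored bytes as hex, while ldbsearch prints the canonical string form. The function names below are chosen for this illustration.

```python
import uuid

def split_fields(raw: bytes):
    """Split 16 stored bytes into the four GUID struct fields."""
    if len(raw) != 16:
        raise ValueError("a GUID is exactly 16 bytes")
    return raw[0:4], raw[4:6], raw[6:8], raw[8:16]

def raw_hex_to_canonical(raw_hex: str) -> str:
    """Hex dump of the stored bytes -> canonical 8-4-4-4-12 string."""
    d1, d2, d3, d4 = split_fields(bytes.fromhex(raw_hex))
    # Data1..Data3 are little-endian integers: reverse each one.
    # Data4 is a byte array and is printed in stored order.
    parts = [d1[::-1], d2[::-1], d3[::-1], d4[:2], d4[2:]]
    return "-".join(p.hex() for p in parts)

def canonical_to_raw_hex(guid: str) -> str:
    """Canonical string -> hex dump of the stored (mixed-endian) bytes."""
    return uuid.UUID(guid).bytes_le.hex()

def ldap_guid_filter(guid: str) -> str:
    """RFC 4515 filter matching objectGUID: every stored byte as \\XX."""
    raw = uuid.UUID(guid).bytes_le
    return "(objectGUID=" + "".join(f"\\{b:02x}" for b in raw) + ")"

if __name__ == "__main__":
    adsi_value = "83f548c8f2715b43afb68d5c9df4ae58"       # from the VBScript output
    ldb_value = "c848f583-71f2-435b-afb6-8d5c9df4ae58"    # from ldbsearch
    print(raw_hex_to_canonical(adsi_value))
    print(canonical_to_raw_hex(ldb_value))
    print(ldap_guid_filter(ldb_value))
```

When a certificate request or an LDAP search needs the GUID, check which of the two renderings the consuming tool expects; the filter form always uses the stored byte order.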



