[Samba] Field Definition for objectSid (LDAP)

Andrew Bartlett abartlet at samba.org
Tue Sep 14 23:18:45 GMT 2004

On Tue, 2004-09-14 at 10:13, Celeste Suliin Burris wrote:
> I'm trying to write a perl program to get user information my boss 
> wants using Net::LDAP in perl. I'm doing fairly well, but when I try to 
> get the objectSid from the user list, it comes in packed or encrypted 
> in some fashion. 

packed.  The SID is binary encoded into the 'standard' format for SIDs
in CIFS, then binary encoded as per the ldap rules.

> Since dumping the users using the command "net ads 
> search '(&(objectClass=person)(objectCategory=person))'" gets me an 
> unscrambled objectSid, I figure someone out there knows how to put it 
> into human-readable form.

Yes, we have C code that handles that.  Doing it in perl will be another

lib/util_sid.c:sid_parse() in the Samba3 sources might help.

Andrew Bartlett

Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040915/2e451edd/attachment.bin

More information about the samba mailing list