[Samba] net ads dn - reading netbootGUID attribute

Roman Sommer roman.sommer at gmail.com
Thu Feb 9 14:28:14 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


hello again,

thanks for the help. net ads dn is working now - and I really like that
perl script. There is one issue though.

./adssearch.pl [...] "(&(objectclass=computer)(sAMAccountName=HOST1$))"
works perfectly fine... found entry: CN=HOST1,CN=Computers,DC=abc,DC=tld

./adssearch.pl [...]
"((&(objectclass=computer)(netbootGUID=67b94d56-ffe2-aa6d-fdab-70677592eb61))"
does not return any results.

What I want to do is to search all computer accounts in the Active
Directory for a certain netbootGUID. If I can't match it like the way
above I probably have to read them all into an array and look for the
right GUID there.. but I don't like that approach very much :)

this time objectSid works - both objectGUID and netbootGUID won't.
Any idea?

- --
Roman Sommer



Guenther Deschner wrote:
> Hi Roman,
> 
> On Thu, Feb 09, 2006 at 11:01:25AM +0100, Roman Sommer wrote:
>> hello everyone,
>>
>> I can read *any* attribute I want out of the Active Directory using 'net
>> ads dn'.. except for one - which of course is the (only) one I need.
>>
>> netbootGUID. It is stored in an octet string as is objectGUID and
>> objectSid which I can read properly.
> 
> Ok, I fixed that in subversion (see
> http://build.samba.org/?function=diff;tree=samba_3_0;date=1139480667;author=gd;revision=13410)
> 
> You might want to take a look at the adssearch.pl perl script which
> quickly allows you to work on decoding the various attributes without
> recompiling.
> 
> Guenther

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iD8DBQFD61F+KonGtrxsRysRAtFJAJ9MAkf+Ll2tK7Ttkv1RCLKdd6wokwCdH3XB
A3dnypzOpurAAN2V1cxeNpI=
=mO/f
-----END PGP SIGNATURE-----


More information about the samba mailing list