
How do I convert an Active Directory objectGuid to a readable string?

I'm using Novell.Directory.Ldap in a Xamarin mobile application, written in C#.

Using Novell, I am able to authenticate a user based on domain, username, and password using

LdapConnection.bind(username, password);

Then, I perform a search, using the sAMAccountName, which is equivalent to the supplied username.

After all this, which works successfully, I need to get the user's objectGuid so that I can query external databases, which use that guid as a key. The problem is, when I get the guid back from the LdapSearchResults, it's encoded somehow. And I cannot figure out how to get the readable string representation of this guid.

Does anyone have more information on this? I would imagine that the guid is encoded somehow, but how it's encoded, I do not know. I have tried

System.Convert.FromBase64String 

and that didn't help. I appreciate the help guys, let me know if I can post any more information that'd be helpful.

private void Login()
{
    if (LOG.isInfoEnabled())
    {
        LOG.info("Attempting LDAP logon . . .");

        if (LOG.isDebugEnabled())
        {
            LOG.debug("Host: " + this.ldapHost);
            LOG.debug("Port: " + this.ldapPort);
            LOG.debug("SearchBase: " + this.ldapSearchBase);
        }
    }

    LdapConnection conn = new LdapConnection();

    try
    {
        conn.Connect(this.ldapHost, this.ldapPort);

        if (LOG.isDebugEnabled())
        {
            LOG.debug("connected?: " + conn.Connected.ToString());
        }
    }
    catch (Exception e)
    {
        LOG.error("An exception occurred while attempting to connect to AD server!", e);

        // INFORM USER ABOUT ERROR
        authError(Resource.String.error_unknown);
    }

    if (!string.IsNullOrEmpty(this.editTextUserName.Text) && !string.IsNullOrEmpty(this.editTextPassword.Text))
    {
        // HIDE KEYBOARD
        var imm = (InputMethodManager)GetSystemService(Context.InputMethodService);
        imm.HideSoftInputFromWindow(editTextPassword.WindowToken, HideSoftInputFlags.NotAlways);

        // HIDE 'LOGON' BUTTON WHILE LOGGING ON
        this.buttonLogin.Visibility = ViewStates.Invisible;

        try
        {
            // PERFORM AUTHENTICATION
            conn.Bind(this.userName, this.userPassword);

            if (LOG.isDebugEnabled())
            {
                LOG.debug("conn.Bound?: " + conn.Bound);
            }

            if (conn.Bound)
            {
                if (LOG.isDebugEnabled())
                {
                    LOG.debug("authentication successful");
                }

                string[] name = this.userName.Split('\\');
                LOG.debug("name[0]: " + name[0]);
                LOG.debug("name[1]: " + name[1]);

                string filter = "(sAMAccountName=" + name[1] + ")";
                string guid = "";

                LdapSearchResults searchResults = conn.Search(
                    this.ldapSearchBase, // search base
                    LdapConnection.SCOPE_SUB, // search scope  
                    filter, // filter
                    null, // attributes
                    false); // attributes only

                while (searchResults.hasMore())
                {
                    LdapEntry nextEntry = null;

                    try
                    {
                        nextEntry = searchResults.next();
                        guid = nextEntry.getAttribute("objectGUID").StringValue;
                    }
                    catch (LdapException e)
                    {
                        LOG.error("An exception occurred while attempting to get next search result!", e);
                        continue;
                    }
                }

                Intent intent = new Intent(this, typeof(DashboardActivity));
                intent.PutExtra("guid", guid);

                StartActivity(intent);
            }
            else
            {
                // INFORM USER ABOUT ERROR
                authError(Resource.String.error_auth);
            }
        }
        catch (LdapException ldape)
        {
            LOG.error("An exception occurred while attempting to authenticate user credentials!", ldape);

            // INFORM USER ABOUT ERROR
            authError(Resource.String.error_auth);
        }
        finally
        {
            conn.Disconnect();
        }
    }
    else
    {
        conn.Disconnect();
    }
}
liltitus27 asked Aug 22 '13 14:08


People also ask

Can you change objectGUID?

Essentially, the objectGUID never changes. That is its purpose, and why you can connect to AD objects based on it, and know that you will get the same object as before (assuming it exists).

What is Active Directory objectGUID?

objectGUID is an attribute name that represents a universally unique identifier, as used in Microsoft Active Directory.


1 Answer

I'm not sure if the Novell library encodes it in some other way, but System.DirectoryServices provides the GUID as a byte array. You can get this to a readable string using the System.Guid struct:

new Guid((System.Byte[])this.GUID).ToString()
frax answered Sep 23 '22 13:09
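The byte-array conversion from the answer above, worked through as an added example (not code from the question or the answer). objectGUID is a 16-byte binary value, so it has to be read as raw bytes rather than through `StringValue`; the example assumes those bytes come from the attribute's `ByteValue` property, which returns `sbyte[]` or `byte[]` depending on the library version. The class name, method names and sample bytes are constructed for illustration, and the reverse helper builds the escaped filter needed to look an object up by GUID.

```csharp
using System;
using System.Linq;

public static class ObjectGuidDemo
{
    // Converts the raw objectGUID attribute value into a System.Guid.
    // The first three GUID fields are stored little-endian, so the printed
    // string is not a straight hex dump of the 16 bytes.
    public static Guid FromDirectoryBytes(byte[] raw)
    {
        if (raw == null || raw.Length != 16)
            throw new ArgumentException("objectGUID must be exactly 16 bytes", nameof(raw));
        return new Guid(raw);
    }

    // Overload for library versions that hand the value back as sbyte[] (assumption).
    public static Guid FromDirectoryBytes(sbyte[] raw)
    {
        if (raw == null)
            throw new ArgumentNullException(nameof(raw));
        var copy = new byte[raw.Length];
        Buffer.BlockCopy(raw, 0, copy, 0, raw.Length);
        return FromDirectoryBytes(copy);
    }

    // Reverse direction: an LDAP filter matching the object by GUID.
    // Binary values in a filter are written as one "\xx" escape per byte,
    // in the same byte order the directory stores them.
    public static string ToLdapFilter(Guid guid)
    {
        string escaped = string.Concat(
            guid.ToByteArray().Select(b => "\\" + b.ToString("x2")));
        return "(objectGUID=" + escaped + ")";
    }

    public static void Main()
    {
        // Constructed sample value, not a real directory object.
        byte[] raw = {
            0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
            0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10 };

        Guid guid = FromDirectoryBytes(raw);
        Console.WriteLine("raw bytes: " + BitConverter.ToString(raw));
        Console.WriteLine("Guid     : " + guid);
        Console.WriteLine("filter   : " + ToLdapFilter(guid));
    }
}
```

When the GUID is used as a key in an external database, compare the `Guid` string form on both sides rather than a hex dump of the raw bytes, since the two differ in the order of the first eight bytes.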