开发者

ADsDSOObject & .NET return different values (types) for objectSID

开发者 https://www.devze.com 2023-03-08 13:57 出处:网络
I have a user created stored procedure in a database server that queries active directory for user information and inserts the data into a table.We wish to remove the operation from the database serve

I have a user created stored procedure in a database server that queries active directory for user information and inserts the data into a table. We wish to remove the operation from the database server and perform the initial AD query and data insert in an external call (PowerShell or C#).

The stored procedure uses the sp_OA procedures to create an ADsDSOObject to do the actual AD query. It appears that the ADsDSOObject is returning the objectSID in hex by default. Following is an example output value.

-- ADsDSOObject: 0x010500000000000515000000D94242061941C67FC9004A20EE030000

When I run an ADSI query through PowerShell, I get a byte array for the objectSID which I can turn into a string via the .NET System.Security.Principal.SecurityIdentifier (<objectSID>, 0).

This returns the actual string SID identifier in it's proper SID form.

-- Byte Array: {1, 5, 0, 0, 0, 0, 0, 5, 21, 0, 0, 0, 217, 66, 66, 6, 25开发者_开发技巧, 65, 198, 127, 201, 0, 74, 32, 245, 1, 0, 0}

-- .NET SID: S-1-5-21-105005785-2143699225-541720777-501

However, I need to store the data as binary in order to replace the procedure in the database with a .NET solution in order to avoid any changes in the application.

Using PowerShell or C#, does anyone know how to either convert the byte array to hex or how to convert the string SID representation to hex?


Here is a solution :

PS> $sid = New-Object System.Security.Principal.SecurityIdentifier ("S-1-5-21-105005785-2143699225-541720777-501")
PS> $c = New-Object 'byte[]' $sid.BinaryLength
PS> $sid.GetBinaryForm($c, 0)

$c contains the byte array you need.

0

精彩评论

暂无评论...
验证码 换一张
取 消