?
Solved

Converting Octet String from Active Directory

Posted on 2006-10-30
3
Medium Priority
?
3,751 Views
Last Modified: 2009-09-18
I am working with AD in C#.

I wrote a simple little app that allows people to search users in AD.

I have the objectSid (SID) coming back as a poperty, and I need to store that data in a database. Later in the app, I will want to search AD using that SID stored.

My problem is converting objectSid ( guessing it's an octec string) to a string value to store it and then converting it back when I need to search with it.

Anyone been down the road with AD and C#

Thanks,
0
Comment
Question by:scaldwe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Accepted Solution

by:
jnhorst earned 1500 total points
ID: 17838984
I am thinking your user object should be castable to an instance of the IADsUser interface, which has a get_GUID method.  You might want to look at storing that and using it later to search with it.

John
0
 

Author Comment

by:scaldwe
ID: 17842854
Thank You for the reply,  this is what I was looking for ...

using the namespace "System.Security.Principal"

    private String ConvertSID(Byte[] sidBinary)
    {
        SecurityIdentifier SID = new SecurityIdentifier(sidBinary, 0);
        return SID.ToString();
    }

returns me a nice little Unique String I can search on ....

Here is the actual code block this applies to ... maybe this can help someone get their a little faster if they are tasked with this as well.

//Define Search String .. ex: "(&(objectClass=user)(sn=sp*)(objectCategory=person))"
        StringBuilder objS = new StrinBuilder(500);
        objS.Append("(&(objectClass=user)(sn=");
        objS.Append(txtSearchCriteria.Text.Trim());
        objS.Append("*)(objectCategory=person))");
       

        DirectorySearcher objSearcher = new DirectorySearcher("LDAP://yourdomain/");
        objSearcher.Filter = objS.ToString();
        objSearcher.PropertiesToLoad.Add("sn");
        objSearcher.PropertiesToLoad.Add("givenName");
        objSearcher.PropertiesToLoad.Add("objectSid"); //returns as an octet string so you must convert it.

        SearchResult objResults;
        SearchResultCollection objResultCollection = objSearcher.FindAll();

        //Now to grab the values I set to Load with the PopertiestoLoad method ...
        String firstName = (String)objResults.Properties["givenName"][0];
        String lastName = (String)objResults.Properties["sn"][0];
        String SID = ConvertSID((Byte[])objResults.Properties["objectSid"][0];

Hope this helps someone ....




0
 

Expert Comment

by:CareCentric
ID: 25369395
For anyone interested, I had to do the reverse of this: finding all users that belong to a group, even if they are listed as primary group member. (I excluded 513 which is the default "Domain Users" group).
if (sr.Properties["name"] == null) continue;
if (sr.Properties["name"].Count == 0) continue;
string name = (string)sr.Properties["name"][0];
string gSID = ConvertSID((Byte[])sr.Properties["objectSid"][0]);
string rSID = gSID.Substring(gSID.LastIndexOf('-') + 1);
int irSID = 0;
int.TryParse(rSID, out irSID);
ResultPropertyValueCollection member = sr.Properties["member"];
List<string> members = new List<string>();
foreach (string i in member)
{
  members.Add(i);
}
if (irSID == 0 || rSID != "513")
{
  DirectorySearcher dsearch2 = new DirectorySearcher();
  SearchResultCollection sResult2;
  dsearch2.PageSize = 500;
  dsearch2.SizeLimit = 500;
  dsearch2.ReferralChasing = ReferralChasingOption.All;
  dsearch2.SearchScope = SearchScope.Subtree;
  dsearch2.Filter = "(&(primaryGroupID=" + rSID + "))";
  dsearch2.SearchRoot = new DirectoryEntry("LDAP://DC=contoso,DC=com");
  sResult2 = dsearch2.FindAll();
  foreach (SearchResult sr2 in sResult2)
  {
    members.Add(sr2.Path.Substring(7));
  }
}

Open in new window

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In an ASP.NET application, I faced some technical problems. In this article, I list them out and show the solutions that I found.  I hope it will be useful. Problem: After closing a pop-up window, the parent page should be refreshed automaticall…
In .NET 2.0, Microsoft introduced the Web Site.  This was the default way to create a web Project in Visual Studio 2005.  In Visual Studio 2008, the Web Application has been restored as the default web Project in Visual Studio/.NET 3.x The Web Si…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses
Course of the Month15 days, 11 hours left to enroll

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question