Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2011-12-01 05:46 AM

Convert SID from binary to string format

We are reading the activedirectory for later use within section access.

Our applications are also published using dynamic distribution (loop field in document) in QV Publisher where you distribute using a field in the application.

What is the best approach for this ?

I am using the field SAMAccountname currently, but I have noticed that there is also the SID.

Is there a way to read out the SID from the LDAP server and store them in QVD format for later us in your applications ?

Script currently reads out LDAP :

LET arg=chr(01);    // Set search start name to a very low value

DO

    UserTable:

    LOAD

        UserDN                                        as key_user,

        *

        ;

    LOAD

        name                                         as UserName,

        distinguishedName                             as UserDN,

        sAMAccountName                                as [USERID],

       objectsid                                    as SID,

        '$(vDC1)'&'$(vDC2)'&'\'&sAMAccountName         as QVSamaccount

    ;

    SQL select

        name, distinguishedName,sAMAccountName, objectsid        // Fields to select

    FROM 'LDAP://$(vRootDse)'  WHERE objectCategory='person'

    AND name>'$(arg)';    // Get rows where "name" is GT the arg

    EXIT DO WHEN ScriptError > 1    // Stop loop if SELECT has error

    EXIT DO WHEN NoOfRows('nameTable') = 0;  // Stop loop if SELECT returns nothing

    EXIT DO WHEN peek('UserName') = '$(arg)';  // If the last "name" read is EQ to arg -- no more entries

    LET arg=peek('UserName');    // Set the arg to the last "name" read

LOOP

There is some VB scripting in the application as well (you can download the original QV application from the community), but my question is the objectsid in the script above. On the LDAP server it is not stored in the readable S-9-9-99-9999999-9999-999... format. Is there a way to do this.

As you can see, the LDAP info is not read from a prebuilt TXT or CSV but directly from the LDAP server so tools like powershell, etc are not at my fingertips.

3,223 Views
0 Likes
1 Reply
Not applicable
‎2012-03-12 03:14 PM
Author

There are a few ways of doing this. There are a few QVWs that reference this function: HexStrToDecStr.

Here is the actualy VB Script Function - put this in a macro and call HexStrToDecStr on the objectSID field.

This will return the human-readable format. (Note: I did not write this function, I found it on the interwebs. It does work well tho.)

Function HexStrToDecStr(strSid)
  Dim arrbytSid, lngTemp, j
  ReDim arrbytSid(Len(strSid)/2 - 1)
  For j = 0 To UBound(arrbytSid)
  arrbytSid(j) = CInt("&H" & Mid(strSid, 2*j + 1, 2))
  Next
  HexStrToDecStr = "S-" & arrbytSid(0) & "-" _
  & arrbytSid(1) & "-" & arrbytSid(8)
  lngTemp = arrbytSid(15)
  lngTemp = lngTemp * 256 + arrbytSid(14)
  lngTemp = lngTemp * 256 + arrbytSid(13)
  lngTemp = lngTemp * 256 + arrbytSid(12)
  HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp)
  lngTemp = arrbytSid(19)
  lngTemp = lngTemp * 256 + arrbytSid(18)
  lngTemp = lngTemp * 256 + arrbytSid(17)
  lngTemp = lngTemp * 256 + arrbytSid(16)
  HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp)
  lngTemp = arrbytSid(23)
  lngTemp = lngTemp * 256 + arrbytSid(22)
  lngTemp = lngTemp * 256 + arrbytSid(21)
  lngTemp = lngTemp * 256 + arrbytSid(20)
  HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp)
  lngTemp = arrbytSid(25)
  lngTemp = lngTemp * 256 + arrbytSid(24)
  HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp)
End Function
1,130 Views