Read objectSID from LDAP (Active Directory)
import java.io.IOException;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
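/**
 * Looks up an Active Directory user by CN over LDAP (JNDI) and converts its binary
 * {@code objectSid} into the familiar {@code S-1-5-21-...} string form.
 *
 * <p>Configuration is read from system properties ({@code ldap.url}, {@code ldap.baseDn},
 * {@code ldap.bindDn}, {@code ldap.password}) with the {@code LDAP_PASSWORD} environment
 * variable as a fallback for the password; the bind password is deliberately not kept in
 * source. The defaults for the other settings are the placeholders from the original listing.
 */
public class LDAPSID {

    /** Sentinel returned by {@link #getObjectSID(String)} on any failure (kept for existing callers). */
    public static final String ERROR = "ERROR";

    /** Fixed SID header: revision (1 byte), sub-authority count (1 byte), identifier authority (6 bytes). */
    private static final int SID_HEADER_LENGTH = 8;

    /** Size of each sub-authority / RID field (32-bit little-endian). */
    private static final int SUB_AUTHORITY_LENGTH = 4;

    // Placeholders carried over from the original listing; override with -Dldap.url / -Dldap.baseDn / -Dldap.bindDn.
    private static final String DEFAULT_LDAP_URL = "ldap://localhost:389";
    private static final String DEFAULT_BASE_DN = "DC=ABCD,DC=CORP";
    private static final String DEFAULT_BIND_DN = "CN=First_Name,OU=XXX,OU=XXX,OU=XXX,DC=XXX";

    /**
     * Filter template. {@code {0}} is substituted by JNDI, which escapes the LDAP-filter
     * metacharacters ('*', '(', ')', '\', NUL) in the argument, so a caller-supplied name
     * cannot rewrite the filter (LDAP injection) the way plain string concatenation allowed.
     */
    private static final String USER_BY_CN_FILTER = "(&(objectClass=user)(cn={0}))";

    private static final String[] RETURNED_ATTRIBUTES = { "cn", "distinguishedName", "objectSID" };

    /**
     * Returns the string SID of the first {@code user} object whose {@code cn} equals {@code objectName},
     * searching the configured base DN with subtree scope. The matched CN and SID are also printed to stdout,
     * as in the original listing.
     *
     * @param objectName the user's CN, taken verbatim (no wildcard expansion; see {@link #USER_BY_CN_FILTER})
     * @return the SID as {@code S-R-A-S1-...}, or {@link #ERROR} if no password is configured, no match
     *         is found, the attribute is missing or malformed, or the directory reports an error
     */
    public static String getObjectSID(String objectName) {
        if (objectName == null || objectName.isEmpty()) {
            System.err.println("objectName must not be null or empty");
            return ERROR;
        }
        Hashtable<String, String> env = buildEnvironment();
        if (env == null) {
            return ERROR;
        }
        String baseDn = System.getProperty("ldap.baseDn", DEFAULT_BASE_DN);

        // DirContext / NamingEnumeration are not AutoCloseable, so close them in finally rather than
        // on each return path as the original did (which leaked the context on a search exception).
        DirContext ctx = null;
        NamingEnumeration<SearchResult> answer = null;
        try {
            ctx = new InitialDirContext(env);
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            controls.setReturningAttributes(RETURNED_ATTRIBUTES);

            answer = ctx.search(baseDn, USER_BY_CN_FILTER, new Object[] { objectName }, controls);
            while (answer.hasMore()) {
                SearchResult result = answer.next();
                Attributes attrs = result.getAttributes();
                if (attrs == null) {
                    continue;
                }
                Attribute cn = attrs.get("cn");
                System.out.println("CN: " + (cn == null ? "<none>" : cn.get()));

                Attribute sidAttr = attrs.get("objectSID");
                if (sidAttr == null) {
                    System.err.println("Entry " + result.getNameInNamespace() + " has no objectSID");
                    continue;
                }
                Object raw = sidAttr.get();
                // byte[] is only guaranteed because java.naming.ldap.attributes.binary lists objectSID.
                if (!(raw instanceof byte[])) {
                    System.err.println("objectSID was not returned as binary: " + raw.getClass().getName());
                    return ERROR;
                }
                String strSID = getSIDasStringOfBytes((byte[]) raw);
                System.out.println("Object SID: " + strSID);
                return strSID;
            }
            System.err.println("No user with cn=" + objectName + " found under " + baseDn);
            return ERROR;
        } catch (NamingException ne) {
            System.err.println("LDAP error while looking up " + objectName + ": " + ne);
            return ERROR;
        } catch (IllegalArgumentException malformedSid) {
            System.err.println("Problem reading SID: " + malformedSid.getMessage());
            return ERROR;
        } finally {
            closeQuietly(answer);
            closeQuietly(ctx);
        }
    }

    /**
     * Builds the JNDI environment for a simple bind. Returns {@code null} (after logging) when no
     * bind password is available via {@code -Dldap.password} or {@code LDAP_PASSWORD}.
     */
    private static Hashtable<String, String> buildEnvironment() {
        String password = System.getProperty("ldap.password", System.getenv("LDAP_PASSWORD"));
        if (password == null || password.isEmpty()) {
            System.err.println("No bind password configured (set -Dldap.password=... or LDAP_PASSWORD)");
            return null;
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, System.getProperty("ldap.url", DEFAULT_LDAP_URL));
        // A simple bind sends the password in clear text; over plain ldap:// (the default here) that is only
        // acceptable in a lab. Use ldaps:// (636) or StartTLS elsewhere — AD with LDAP signing / channel
        // binding enforced may reject an unencrypted simple bind outright.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, System.getProperty("ldap.bindDn", DEFAULT_BIND_DN));
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.pool", "true");
        // Without this JNDI hands objectSID back as a String and the bytes are mangled.
        env.put("java.naming.ldap.attributes.binary", "objectSID");
        // Carried over from the original listing; its effect against AD is not established here.
        env.put("com.sun.jndi.ldap.netscape.schemaBugs", "true");
        return env;
    }

    /** Best-effort close of a search result enumeration; a failure to close is not worth failing the lookup. */
    private static void closeQuietly(NamingEnumeration<?> enumeration) {
        if (enumeration == null) {
            return;
        }
        try {
            enumeration.close();
        } catch (NamingException ignored) {
            // nothing useful to do during cleanup
        }
    }

    /** Best-effort close of the directory context (see {@link #closeQuietly(NamingEnumeration)}). */
    private static void closeQuietly(DirContext ctx) {
        if (ctx == null) {
            return;
        }
        try {
            ctx.close();
        } catch (NamingException ignored) {
            // nothing useful to do during cleanup
        }
    }

    /**
     * Converts a binary SID (MS-DTYP 2.4.2.2 layout) to its string form.
     *
     * <p>Layout: byte 0 = revision, byte 1 = sub-authority count, bytes 2-7 = 48-bit identifier
     * authority (big-endian), then {@code count} 32-bit little-endian sub-authorities. The original
     * read the authority from bytes 1-6 and the count from byte 7; that only appeared to work for
     * {@code S-1-5-21-...} user SIDs, where authority and count both happen to be 5, and mis-parsed
     * or overran the array for anything else (e.g. {@code S-1-5-32-544}).
     *
     * @param sid the raw {@code objectSid} bytes
     * @return e.g. {@code S-1-5-21-1234-5678-9012-500}
     * @throws IllegalArgumentException if {@code sid} is null, shorter than the header, or its length
     *         does not match the declared sub-authority count
     */
    public static String getSIDasStringOfBytes(byte[] sid) {
        if (sid == null || sid.length < SID_HEADER_LENGTH) {
            throw new IllegalArgumentException(
                    "SID too short: " + (sid == null ? "null" : sid.length + " bytes"));
        }
        int revision = sid[0] & 0xFF;
        int subAuthorityCount = sid[1] & 0xFF;
        int expectedLength = SID_HEADER_LENGTH + SUB_AUTHORITY_LENGTH * subAuthorityCount;
        if (sid.length != expectedLength) {
            throw new IllegalArgumentException("SID declares " + subAuthorityCount
                    + " sub-authorities (" + expectedLength + " bytes) but has " + sid.length + " bytes");
        }

        // Identifier authority: 6 bytes, big-endian. Fits in a long, so no hex round-trip is needed.
        long authority = 0;
        for (int i = 2; i < SID_HEADER_LENGTH; i++) {
            authority = (authority << 8) | (sid[i] & 0xFF);
        }

        StringBuilder out = new StringBuilder("S-").append(revision).append('-').append(authority);
        for (int i = 0; i < subAuthorityCount; i++) {
            int offset = SID_HEADER_LENGTH + SUB_AUTHORITY_LENGTH * i;
            // Sub-authorities are unsigned 32-bit little-endian; assemble in a long to avoid sign issues.
            long subAuthority = (sid[offset] & 0xFFL)
                    | ((sid[offset + 1] & 0xFFL) << 8)
                    | ((sid[offset + 2] & 0xFFL) << 16)
                    | ((sid[offset + 3] & 0xFFL) << 24);
            out.append('-').append(subAuthority);
        }
        return out.toString();
    }

    /**
     * Formats one byte as two lowercase hex digits (zero-padded). No longer used by the SID parser,
     * kept as part of the public surface for existing callers.
     */
    public static String byte2hex(byte b) {
        String hex = Integer.toHexString(b & 0xFF);
        return hex.length() < 2 ? "0" + hex : hex;
    }

    /** Demo entry point: looks up the placeholder user and prints the result. */
    public static void main(String[] args) throws IOException {
        getObjectSID("First_Name Last_Name");
        System.out.println("Done");
    }
}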