Forum Discussion
jklemm2000
Nimbostratus
NimbostratusAPM variable Assign Convert from HEX to original Format
I am doing an LDAP query which polls ldap for user attributes and I want to take the objectSid attribute and insert it in a header upon policy completion. The issue I am running into is the applicat...
Thijs88Nimbostratus
NimbostratusThe problem is that the LDAP query response is in binary format, so it cannot be transformed only be decoding the HEX value, it has to be interpreted from binary format according to the LDAP specification.
https://ldapwiki.com/wiki/ObjectSID
I've made a small TCL script to do this transformation that should be able to achieve this. Be aware it is my first TCL script so probably not as optimal as possible. Sharing it either way as it might be helpful for someone running into the same issue.
set var [mcget {session.ldap.last.attr.objectSid}]
set revision [expr [string range $var 2 3]]
set countSubAuths [expr [string range $var 4 5]]
set authority [expr [string range $var 6 17]]
set objectsid "S-$revision-$authority"
set start 18
for {set i 0} {$i < $countSubAuths} {incr i} {
set end [expr $start + 7]
set subAuth [string range $var $start $end]
set result ""
for {set j 3} {$j > -1} {incr j -1} {
set subAuthbit [string range $subAuth [expr $j * 2] [expr $j * 2 + 1]]
set result [concat $result$subAuthbit]
}
set subAuthDec [expr 0x$result]
set objectsid [concat $objectsid-$subAuthDec]
set start [expr $start + 8]
}
return $objectsid
