objectSID format dumped by LDIFDE

[MLi]

Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to be base64
format, however they cannot be uncoded by base64 encoder.

Anyone know how can I convert these value to the format as in ADSIEDIT or
LDP?


Michael

 

[Dean Wells [MVP]]

My guess is that your base64 decoder is indeed decoding it but is
attempting to represent the decoded result as a string of Unicode/ASCII
characters. Are you getting something even remotely like this -

?? ?§ Æ?<w?°`????2??

?

 

[MLi]

Exactly. Do you have any recommandation of the encoder/decoder can reverse
it back to hex?

My guess is that your base64 decoder is indeed decoding it but is
attempting to represent the decoded result as a string of Unicode/ASCII
characters. Are you getting something even remotely like this -

?? ?? ?<w?°`????2??

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to be
base64 format, however they cannot be uncoded by base64 encoder.

Anyone know how can I convert these value to the format as in
ADSIEDIT or LDP?


Michael

 

[Dean Wells [MVP]]

Not off hand, how do you want it to look once decoded?

S-1-5-21-blah.blah

... or

01 05 00 00 00 00 00 05-15 00 00 00 92 E0 3C 77

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

Exactly. Do you have any recommandation of the encoder/decoder can
reverse it back to hex?

My guess is that your base64 decoder is indeed decoding it but is
attempting to represent the decoded result as a string of
Unicode/ASCII characters. Are you getting something even remotely
like this - ?? ?? ?<w?°`????2??

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to
be base64 format, however they cannot be uncoded by base64 encoder.

Anyone know how can I convert these value to the format as in
ADSIEDIT or LDP?


Michael

 

[Dean Wells [MVP]]

PS - There's a tool written by a fellow MVP that's become very popular
(for good reason); ADfind.EXE. It's available from
http://www.joeware.net and will provide a legible objectSID decode,
e.g. -

C:\>adfind -b cn=administrator,cn=users,dc=msettest,dc=net objectSID

AdFind V01.26.00cpp Joe Richards ([email protected]) February 2005

Using server: odyssey.mset.local
Directory: Windows Server 2003

dn:CN=Administrator,CN=Users,DC=msettest,DC=local

objectSid: S-1-5-21-1200478324-492123223-851235398-500

1 Objects returned

<sarcasm for joe>
I can't believe I just recommended one of his tools ... there has to be
another way to do this
</sarcasm>

 

[MLi]

I would it looks like "01 05 00 00 00 00 00 05-15 00 00 00 92 E0 3C 77" - as
in ADSIEDIT...

Not off hand, how do you want it to look once decoded?

S-1-5-21-blah.blah

.. or

01 05 00 00 00 00 00 05-15 00 00 00 92 E0 3C 77

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

Exactly. Do you have any recommandation of the encoder/decoder can
reverse it back to hex?

My guess is that your base64 decoder is indeed decoding it but is
attempting to represent the decoded result as a string of
Unicode/ASCII characters. Are you getting something even remotely
like this - ?? ?? ?<w?°`????2??

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

MLi wrote:
Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to
be base64 format, however they cannot be uncoded by base64 encoder.

Anyone know how can I convert these value to the format as in
ADSIEDIT or LDP?


Michael

 

[Dean Wells [MVP]]

Aside from using an external binary such as the one I mentioned earlier,
the best I've found so far is the legacy DEBUG.EXE.

C:\>debug foo.ldf
- d

.... the first line or so is of interest. Scripting that may be awkward.

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

I would it looks like "01 05 00 00 00 00 00 05-15 00 00 00 92 E0 3C
77" - as in ADSIEDIT...

Not off hand, how do you want it to look once decoded?

S-1-5-21-blah.blah

.. or

01 05 00 00 00 00 00 05-15 00 00 00 92 E0 3C 77

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

Exactly. Do you have any recommandation of the encoder/decoder can
reverse it back to hex?


My guess is that your base64 decoder is indeed decoding it but is
attempting to represent the decoded result as a string of
Unicode/ASCII characters. Are you getting something even remotely
like this - ?? ?? ?<w?°`????2??

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

MLi wrote:
Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to
be base64 format, however they cannot be uncoded by base64
encoder. Anyone know how can I convert these value to the format
as in
ADSIEDIT or LDP?


Michael

 

[Cary Shultz [A.D. MVP]]

And take a look at all of his tools while there! oldcmp is also quite
useful!

And I always recommend his tools! They are wonderful!

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

PS - There's a tool written by a fellow MVP that's become very popular
(for good reason); ADfind.EXE. It's available from http://www.joeware.net
and will provide a legible objectSID decode, e.g. -

C:\>adfind -b cn=administrator,cn=users,dc=msettest,dc=net objectSID

AdFind V01.26.00cpp Joe Richards ([email protected]) February 2005

Using server: odyssey.mset.local
Directory: Windows Server 2003

dn:CN=Administrator,CN=Users,DC=msettest,DC=local

objectSid: S-1-5-21-1200478324-492123223-851235398-500

1 Objects returned

<sarcasm for joe>
I can't believe I just recommended one of his tools ... there has to be
another way to do this
</sarcasm>

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to be
base64 format, however they cannot be uncoded by base64 encoder.

Anyone know how can I convert these value to the format as in
ADSIEDIT or LDP?


Michael

 

[MLi]

Yes, I find debug is really helpful sometimes, although it's not as popular
as in the time of DOS

Aside from using an external binary such as the one I mentioned earlier,
the best I've found so far is the legacy DEBUG.EXE.

C:\>debug foo.ldf
- d

... the first line or so is of interest. Scripting that may be awkward.

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

I would it looks like "01 05 00 00 00 00 00 05-15 00 00 00 92 E0 3C
77" - as in ADSIEDIT...

Not off hand, how do you want it to look once decoded?

S-1-5-21-blah.blah

.. or

01 05 00 00 00 00 00 05-15 00 00 00 92 E0 3C 77

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

MLi wrote:
Exactly. Do you have any recommandation of the encoder/decoder can
reverse it back to hex?


My guess is that your base64 decoder is indeed decoding it but is
attempting to represent the decoded result as a string of
Unicode/ASCII characters. Are you getting something even remotely
like this - ?? ?? ?<w?°`????2??

?

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

MLi wrote:
Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to
be base64 format, however they cannot be uncoded by base64
encoder. Anyone know how can I convert these value to the format as
in
ADSIEDIT or LDP?


Michael

 

[Dean Wells [MVP]]

You know I was teasing right

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

And take a look at all of his tools while there! oldcmp is also quite
useful!

And I always recommend his tools! They are wonderful!

PS - There's a tool written by a fellow MVP that's become very
popular (for good reason); ADfind.EXE. It's available from
http://www.joeware.net and will provide a legible objectSID decode,
e.g. - C:\>adfind -b cn=administrator,cn=users,dc=msettest,dc=net
objectSID

AdFind V01.26.00cpp Joe Richards ([email protected]) February 2005

Using server: odyssey.mset.local
Directory: Windows Server 2003

dn:CN=Administrator,CN=Users,DC=msettest,DC=local

objectSid: S-1-5-21-1200478324-492123223-851235398-500

1 Objects returned

<sarcasm for joe>
I can't believe I just recommended one of his tools ... there has to
be another way to do this
</sarcasm>

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to
be base64 format, however they cannot be uncoded by base64 encoder.

Anyone know how can I convert these value to the format as in
ADSIEDIT or LDP?


Michael

 

[Cary Shultz [A.D. MVP]]

Yep!

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

You know I was teasing right

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

And take a look at all of his tools while there! oldcmp is also quite
useful!

And I always recommend his tools! They are wonderful!

PS - There's a tool written by a fellow MVP that's become very
popular (for good reason); ADfind.EXE. It's available from
http://www.joeware.net and will provide a legible objectSID decode,
e.g. - C:\>adfind -b cn=administrator,cn=users,dc=msettest,dc=net
objectSID

AdFind V01.26.00cpp Joe Richards ([email protected]) February 2005

Using server: odyssey.mset.local
Directory: Windows Server 2003

dn:CN=Administrator,CN=Users,DC=msettest,DC=local
objectSid: S-1-5-21-1200478324-492123223-851235398-500

1 Objects returned

<sarcasm for joe>
I can't believe I just recommended one of his tools ... there has to
be another way to do this
</sarcasm>

--
Dean Wells [MVP / Directory Services]
MSEtechnology
[[ Please respond to the Newsgroup only regarding posts ]]
R e m o v e t h e m a s k t o s e n d e m a i l

MLi wrote:
Hi All,

When I use LDIFDE to dump AD, the objectSID and objectGUID turn to
be base64 format, however they cannot be uncoded by base64 encoder.

Anyone know how can I convert these value to the format as in
ADSIEDIT or LDP?


Michael

 

[Joe Richards [MVP]]

LOL. As I was reading this I was thinking, holy crap, I can't believe Dean is
recommending one of my tools in a public forum...

joe

 

[Joe Richards [MVP]]

No he wasn't...

Dean is a kneebiter.

 

[Dean Wells [MVP]]

I know ... I know ... I knew the day would come at some point but I'd
hoped it would be much later in life ;-)

 

[Cary Shultz [A.D. MVP]]

Oh, I did not hear that.

I did hear something about an anklebiter, though! ( see, now I am going to
get in trouble! Just how I like it! ).

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com

 

[Dean Wells [MVP]]

Oh perrrrrlease, I bite neither ankles nor knees ... I am known for
twisting things though :-O