Re: How do I convert sid retrieved from the AD to SDDL string form



LDAP doesn't support joins. You have to do this manually on the client.
The OLEDB provider for LDAP supports a SQL syntax in theory, but it is very
limited, as it has to be able to translate that query into an LDAP search
which is just a base, scope, filter, attribute list and a collection of
controls that can modify the search behavior (to do paging and such).

What you might be able to do is load the data into two datatables manually
and stick them in a dataset to do the join client side. I'm not much of an
ADO.NET guy, so I really don't know much how some of that stuff works, but I
seem to remember hearing somewhere that you could do stuff like that. Ask
an ADO.NET MVP. :)

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Pucca" <Pucca@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C9C83041-FDFB-440B-A124-947D59DA6F25@xxxxxxxxxxxxxxxx
Hi Joe,
The reason that I was still messing with query instead of DirectorySearcher
is because I need to get result of join table with data from 2 different AD
path. But, that doesn't work at all. The following is what I tried.

Now, I have to do 2 loops using SearchResultCollection from the 1st AD path
and then one by one find its matching object in the other path using sid as
the key. I then combine selected attributes from the 2 path finding and
create a 3rd table that I pass to Crystal Report for producing reports.

I have to do this for AD computer, user and group objects. I wonder if
there is a more efficient way of doing?

filter = "select contextAtt.cn as SID, contextAtt.meetingID as [Context] " +
    ", adAtt.cn as [Computer Name], adAtt.operatingSystem as [O/S Name] , " +
    "adAtt.operatingSystemVersion as [O/S Version] from " +
    globalCompPath + " as contextAtt join 'LDAP://CN=Computers," +
    delimitedDomain +
    "' as adAtt on contextAtt.SID = adAtt.objectSid";
--
Thanks.


"Joe Kaplan" wrote:

It needs to be a byte[], because the data is a variable length byte array.
AD SIDs are generally bigger than GUIDs, so that isn't a good idea. I think
the problem from your previous code sample was that you were calling
ToString on the data.

I'm still confused why you are using OLEDB for searching AD, but whatever
works for you...

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Pucca" <Pucca@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A498835F-3C6E-4569-B83E-B897B1D90025@xxxxxxxxxxxxxxxx
In the Dataset table definition, what type should I set for storing SID,
which is a byte[]. I tried GUID type but it doesn't like it.
--
Thanks.


"Henning Krause [MVP - Exchange]" wrote:

Hello,

if you are using .NET 2.0, you can pass the byte[] you get from the
objectSid property to a SecurityIdentifier class.

Otherwise, you have at least these options:
1) (easy one) Call the Win32 function ConvertSidToStringSid.
2) (more difficult, but more flexibility) Call the Win32 DsCrackNames function

Best regards,
Henning Krause

"Pucca" <Pucca@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0972CEEE-1D2D-4605-8C4B-3B4995A2195D@xxxxxxxxxxxxxxxx
I retrieve sid from AD into a dataset table. How can I convert this to SDDL
format string? My code below is not working.

ReportPreview repPreview = new ReportPreview();
string AdSelect = "select objectSid, cn, operatingSystem, " +
    "operatingSystemVersion from 'LDAP://CN=Computers," +
    delimitedDomain + "'";
string padSelect = "Select cn, meetingName from " + globalCompPath;
string temp;
int rs, num;
OleDbConnection adCon = new OleDbConnection("Provider=ADsDSOObject");
OleDbDataAdapter qryAdapter = new OleDbDataAdapter(AdSelect, adCon);
try
{
    DataRow newRow = dsReport.Tables["Computers"].NewRow();

    qryAdapter.Fill(dsReport, "AdComputers");
    num = dsReport.Tables["AdComputers"].Rows.Count;
    for (int y = 0; y < dsReport.Tables["AdComputers"].Rows.Count; y++)
    {
        SecurityIdentifier si = new SecurityIdentifier(
            dsReport.Tables["AdComputers"].Rows[y][0].ToString());
        dsReport.Tables["AdComputers"].Rows[y][0] = si.Value;
    }
--
Thanks.
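
Added example, not code from any poster in this thread: it combines the three suggestions above (a byte[] column for objectSid, SecurityIdentifier for the SDDL string, and a join done on the client) using a dictionary keyed on the SID string instead of a nested loop. The SID bytes, the names WKS01 and ctx-A, the "sddl" column, and the assumption that cn in the second path holds the SID string are all constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Security.Principal;

static class SidJoinExample
{
    // objectSid comes back from AD as byte[]; pass the bytes, never ToString() of them.
    static string ToSddl(byte[] objectSid)
    {
        return new SecurityIdentifier(objectSid, 0).Value;
    }

    static void Main()
    {
        // Constructed sample: binary form of S-1-5-21-1-2-3-1104 (not a real account).
        byte[] sid = {
            1, 5, 0, 0, 0, 0, 0, 5,          // revision 1, 5 sub-authorities, authority 5
            21, 0, 0, 0,  1, 0, 0, 0,  2, 0, 0, 0,  3, 0, 0, 0,
            0x50, 0x04, 0, 0 };              // RID 1104, little-endian

        // AD side: keep the raw byte[] column and add a string column for the SDDL form.
        DataTable ad = new DataTable("AdComputers");
        ad.Columns.Add("objectSid", typeof(byte[]));
        ad.Columns.Add("cn", typeof(string));
        ad.Columns.Add("sddl", typeof(string));
        ad.Rows.Add(sid, "WKS01", null);
        foreach (DataRow r in ad.Rows)
            r["sddl"] = ToSddl((byte[])r["objectSid"]);

        // Second path (assumed shape): cn holds the SID string, as in the thread's query.
        DataTable ctx = new DataTable("Context");
        ctx.Columns.Add("cn", typeof(string));
        ctx.Columns.Add("meetingID", typeof(string));
        ctx.Rows.Add("S-1-5-21-1-2-3-1104", "ctx-A");

        // Client-side join: index one table by SID once, then one pass over the other.
        Dictionary<string, DataRow> bySid = new Dictionary<string, DataRow>(StringComparer.OrdinalIgnoreCase);
        foreach (DataRow r in ctx.Rows)
            bySid[(string)r["cn"]] = r;

        foreach (DataRow r in ad.Rows)
        {
            DataRow match;
            if (bySid.TryGetValue((string)r["sddl"], out match))
                Console.WriteLine("{0}  {1}  {2}", r["sddl"], r["cn"], match["meetingID"]);
        }
    }
}
```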






