Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

NET::LDAP and objectGUID

by ksublondie (Friar)
on Jan 23, 2017 at 22:06 UTC ( [id://1180179]=perlquestion: print w/replies, xml ) Need Help??

ksublondie has asked for the wisdom of the Perl Monks concerning the following question:

Hi monks!

I need to use a read-only unique identifier field for ldap objects. My research has taken me to "objectGUID". However, if I take a query result set and turn right back around to use the objectGUID values for my filter values, I only get hits on about 90% of the original objects. From my tests so far, it appears to be the same objects missing each time.

my $users=$ldap_session->search( base=>$CONF{ldapuserbase}, filter=>$filter, attrs=> ['distinguishedName','sAMAccountName', +'homeDirectory','displayName','objectSid','objectGUID'] ) or die "err +or searching tree:$@\n"; my @entries = $users->sorted('displayName'); print "done.\nFound ".(scalar @entries)." entries.\n"; my $notfound=0; foreach my $e (@entries){ my $guid=$e->get_value('objectGUID'); my $name=$e->get_value('displayName'); my $thisuser=$ldap_session->search( base=>$CONF{ldapuserbase}, filter=>"(objectGUID=$guid)", attrs=> ['distinguishedName','sAMAccountName', +'homeDirectory','displayName','objectSid','objectGUID'] ) or die "err +or searching tree:$@\n"; my @user=$thisuser->sorted('displayName'); if(@user){ #do nothing }else{ print "can't find $name\n"; ++$notfound; } } print "not found=$notfound\n"; $ldap_session->unbind;
I should be able to grab the value and turn right back around and query for it, right? Does anyone have any insight as to what's going on?

ETA: I converted the "not found" objectGUID values to a readable hex string and displayed the values. All the objects have the value of "4" at the start of the 3rd subset. aka, XXXXXXXX-XXXX-4XXX-XXXX-XXXXXXXXXXXX

Coincidence????

Replies are listed 'Best First'.
Re: NET::LDAP and objectGUID
by ksublondie (Friar) on Jan 24, 2017 at 16:56 UTC
    No responses, but I found a solution. I still don't know why I can't turn around and use the same retrieved data for the filter criteria 100% of the time, but using information from the following:

    GUIDs and SIDs

    Net::LDAP GUID...

    I can now search by the objectGUID 100% of the time in my tests.

    sub GuidToString { my $stringGUID = unpack("H*", shift); $stringGUID =~ s/^(\w\w)(\w\w)(\w\w)(\w\w)(\w\w)(\w\w)(\w\w)(\w\w) +(\w\w)(\w\w)(\w\w)(\w\w)(\w\w)(\w\w)(\w\w)(\w\w)/\\$1\\$2\\$3\\$4\\$5 +\\$6\\$7\\$8\\$9\\$10\\$11\\$12\\$13\\$14\\$15\\$16/; return $stringGUID; }

      Hi ksublondie,

      I don't know anything about LDAP GUIDs, but I just wanted to suggest a way to shorten that code. Note that unlike the regex, this works for input strings of any length.

      sub GuidToString { return join '', map {"\\$_"} unpack "(H2)*", shift; }

      Regards,
      -- Hauke D

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://1180179]
Approved by choroba
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others sharing their wisdom with the Monastery: (4)
As of 2024-03-28 23:26 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found