Commander
Commander
471 views

Convert objectGUID with ECMAScript

Good morning,

I am using the Novell LDAP Java classes to search both eDIrectory and Active Directory. This works well, except for GUID type values coming from AD.

For the life of me, I cannot figure out how to convert the value in to something that is readable.

For example, the value for the objectGUID should be {b4a704ae-ec52-4255-b66d-5826d20522af}, as is shown in Apache Directory Studio. But, I have no idea if the Byte Array I am receiving back from AD is even correct, and if it is, how to convert it.

Here is what I have tried, and the results of what I get...is this even going down the right path?

function getGUID( myAttr, myVal )
{
bos = new ByteArrayOutputStream();
oos = new ObjectOutputStream(bos);
oos.writeObject( myVal );
oos.flush();
data = bos.toByteArray();
var varMe = new String(myVal, java.nio.charset.StandardCharsets.UTF_8);
print ( myVal + " -> " + data + " or " + varMe )

var GuidStream = new java.io.ByteArrayInputStream( data );

The objectGUID attribute run through the code gives me this:

[B@2781e022 -> [B@458c1321 or [B@2781e022

And the resulting 'association' gives me this: 00 75 00 00 00 00 00 00 00 00 00 26 00 72 42 00

Something is not right, but I have no idea what I am doing 🙂  I am using the correct getByteValues() of the search result on the Object, so that's not it.

Is this even giving me a Byte Array, or just rubbish? Does anyone have ECMAScript examples of how to convert the objectGUID?

Thanks a million in advance!

-K

8 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Hi Keith,
I sent you my "old" ECMA that includes 2 functions, that allows to covert from NetIQ AD Association format (HEX) to AD objectGUID (base64)
* function hexToBase64(str) Convert hex string (AD association) to base64 (objectGUID)
* K6uwHm2UrUeM4QIsZB0J+A==
*
* function base64ToHex(str) Convert base64 (objectGUID) to hex string (AD association)
* 2b ab b0 1e 6d 94 ad 47 8c e1 02 2c 64 1d 09 f8

I hope, this old code will help you to resolve your issue.

Happy New Year!

Alex
0 Likes
Commander
Commander

Thanks Alex.

I'll take a look when I get back home on new years day, but thanks a million for sending the code over. I'd love to get this working, as it's been bugging me for a day now.

Happy new year to you too!!

K
0 Likes
Micro Focus Expert
Micro Focus Expert

@karmst , I do not know ECMAscript well enough to help directly, but maybe the following can be helpful.

There are two examples of manipulating GUIDs in the Advanced Java Class ECMAScript Library used/referenced in a number of drivers. For quick reference here are the code snippets from that library:

/** 
 * Convert a Base64 encoded GUID attribute value to an ASCII string
 * in the format the NDS2NDS driver uses as its association.
 *
 * @param {String}	s	Base64 encoded GUID attribute value
 *
 * @type String
 * @return ASCII string
 *
 * @throws IOException -
 */
function guid2Association(s)
{
	var bytes = Base64Codec.decode(s);
	var s1 = encodeAsciiHex(bytes);
	return '{' +
		s1.substring(0, 😎 +
		'-' +
		s1.substring(8, 12) +
		'-' +
		s1.substring(12, 16).toLowerCase() +
		'-' +
		s1.substring(16, 20) +
		'-' +
		s1.substring(20) +
		'}';
}

/** 
 * Convert a Base64 encoded GUID attribute value to an ASCII string
 * in the typical string format of a GUID.
 *
 * @param {String}	s	Base64 encoded GUID attribute value
 *
 * @type String
 * @return ASCII string
 *
 * @throws IOException -
 */
function guid2string(s)
{
	var bytes = Base64Codec.decode(s);
	var s1 = encodeAsciiHex(bytes);
	return s1.substring(0, 😎 +
		'-' +
		s1.substring(8, 12) +
		'-' +
		s1.substring(12, 16).toLowerCase() +
		'-' +
		s1.substring(16, 20) +
		'-' +
		s1.substring(20);
}

In one situation I needed to work with the AD Association and convert it to the Immutable ID. Before I realized I could get this directly from the AD attribute mS-DS-ConsistencyGuid in the desired format, I found the sample code by Marc Seecof's in his guid_to_base64. I used that to work out the following to convert the AD Association base64 string to the Immutable ID format.

/**
 * @fileoverview:	Convert Association string value to Base-64 ImmutableID format value 
 * @author:	dstagg, 2020-0730 based on sample work by Mark Seecof, 2012-03-31 [guid_to_base64()]
 *
 * Association is GUID value in string format with no little endian-ness or dashes 	
 *
 *  Object GUID:	ad23b5da-d0e8-4a4f-be65-8d777f9d0223
 *  Association: 	dab523ade8d04f4abe658d777f9d0223
 *  ImmutableID:	2rUjrejQT0q+ZY13f50CIw==
*/

var hexlist = '0123456789abcdef';
var b64list = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';

function assoc2ImmutableID(assoc) {
    var s = assoc.replace(/[^0-9a-f]/ig, '').toLowerCase();
    if (s.length != 32) return '';

    var a, p, q;
    var r = '';
    var i = 0;
    while (i < 33) {
      a = (hexlist.indexOf(s.charAt(i++)) << 😎 |
        (hexlist.indexOf(s.charAt(i++)) << 4) |
        (hexlist.indexOf(s.charAt(i++)));

      p = a >> 6;
      q = a & 63;

      r += b64list.charAt(p) + b64list.charAt(q);
    }
    r += '==';

    return r;
  } 
  
  /* assoc2ImmutableID()  */

The above samples may give you some ideas for your specific situation.

Cheers,

D

Commander
Commander

Thank you!!
I'll try this, too, when I get back to my computer. I'll post back with the results. Hopefully we'll have a good result.
Thanks again!!!!!
Happy new year.
K
Knowledge Partner Knowledge Partner
Knowledge Partner

Hi Keith,

Have a look at the bits & pieces package in https://www.brummelhook.com/download/idm/packages/

Cheers, Lothar
______________________________________________
https://www.is4it.de/identity-access-management
Commander
Commander

HI again,

Thanks for all the suggestions, but the issue was with the Byte Object conversion to something I can use.

I have progressed somewhat, but still no success. Although, I think I am close.

Correct GUID: b4a704ae-ec52-4255-b66d-5826d20522af

My function:

function getGUID ( varAttr, varVal )
{
var varReturn = new String;
while ( varVal.hasMoreElements() )
{
var varValue = varVal.nextElement();
var jArr = java.lang.reflect.Array.newInstance(java.lang.Byte, varValue.length);

for ( var i = 0; i < varValue.length; i++)
{
jArr[i] = varValue[i];
};

var Offset = 0;
print ( "New String from Array: " + new String(jArr, java.nio.charset.StandardCharsets.UTF_8));
print ("Array: " + jArr.length + " " + jArr.toString() )
print ("Value: " + varValue.length + " " + varValue.toString())

while ( Offset < varValue.length )
{
val = varValue[Offset++] & 0xff;
var varString = Integer.toHexString ( val )
if ( varString.length () == 1 )
{
varString = "0" + varString;
}

print (varString);
}
}

return varReturn;

}

Program Output:

New String from Array: [Ljava.lang.Byte;@52feb982
Array: 16 [Ljava.lang.Byte;@52feb982
Value: 16 [B@7a765367
ae
04
a7
b4
52
ec
55
42
b6
6d
58
26
d2
05
22
af

 

So, if the GUIDS are sorted by the 2 digit values, the output is exactly the same...so the value coming in to the function returns a valid output string, but in the wrong order.

I AM SURE I am doing something stupid.

-K

0 Likes
Commander
Commander

I figured it out, and just had to use already existing code (i got it from the Bits and Pieces function).

Now the objectGUID is exactly the same as the one from AD.

Thanks for all the help and suggestions.

countryCode: 0
objectGUID: b4a704ae-ec52-4255-b66d-5826d20522af
dSCorePropagationData: Mon Jan 01 00:00:00 GMT 1601
uSNCreated: 299105

etc

Cheers,

-K

Knowledge Partner Knowledge Partner
Knowledge Partner

Hi Keith,

I can't see in your code any output "re-arrangement"  code.

You have a number of "different" versions available in different provided ECMA scripts.

You can try adjust this code

function guid2Association(s)
{
var bytes = Base64Codec.decode(s);
var s1 = encodeAsciiHex(bytes);
return '{' +
s1.substring(0, +
'-' +
s1.substring(8, 12) +
'-' +
s1.substring(12, 16).toLowerCase() +
'-' +
s1.substring(16, 20) +
'-' +
s1.substring(20) +
'}';
}

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.