从活动目录中读取 objectGUID

2022-01-17 00:00:00 node.js ldap active-directory javascript

我正在尝试使用 node.js 从 AD 获取信息.我已经尝试过 activedirectoryldapauth-fork 并且通常代码可以工作,但是如果我需要一些 octetstring 数据,例如 objectGUID,我在对象中看到一个垃圾字符串.我发现二进制数据被转换成utf-8的字符串.但问题是数据在转换过程中被损坏(很多带有 65533 代码的 cahrs),我无法将字符串恢复为原始二进制文件.

I'm trying to get information from AD using node.js. I've tried activedirectory and ldapauth-fork and in general the code works, but if I need some octetstring data like objectGUID, I see a rubbish string in the object. I found that binary data is converted into a string as utf-8. But the problem is that the data is damaged during convertion (a lot of cahrs with 65533 code) and I can't revert the string to original binary.

如何访问 octetstring 格式的数据以获得正确的二进制表示?

How can I access data in octetstring format to get correct binary representation?

const ActiveDirectory = require('activedirectory');

const config = {
  url: 'LDAP://ldap.example.com',
  baseDN: 'OU=Users,DC=example,DC=com',
  username: 'user@example.com',
  password: 'password'
};

const ad = new ActiveDirectory(config);

const query = { 
  filter: '(objectClass=user)',
  attributes: ["dn", "cn", "objectGUID", "objectSid"]
};

ad.findUsers(query, function (err, result) {
  if (err) {
    return console.error(err);
  }

  console.log(result.length);
  console.log(result[0]); // objectGUID contains rubbish
  console.log([...result[0].objectGUID].map(ch => ch.charCodeAt(0)));
});

相关:

  • https://github.com/mcavage/node-ldapjs/issues/228
  • https://github.com/gheeres/node-activedirectory/pull/15

推荐答案

entryParser 就是为了这个目的:

const ActiveDirectory = require('activedirectory');

const config = {
  url: 'LDAP://ldap.example.com',
  baseDN: 'OU=Users,DC=example,DC=com',
  username: 'user@example.com',
  password: 'password',
  entryParser(entry, raw, callback) {
    if (raw.hasOwnProperty("objectGUID")) { entry.objectGUID = raw.objectGUID; }
    callback(entry);
  }
};

const ad = new ActiveDirectory(config);

const query = { 
  filter: '(objectClass=user)',
  attributes: ["dn", "cn", "objectGUID", "objectSid"]
};

ad.findUsers(query, function (err, result) {
  if (err) {
    return console.error(err);
  }

  console.log(result.length);
  console.log(result[0]); // objectGUID contains Buffer with strange byte order
  console.log(result[0].objectGUID
    .toString('hex')
    .replace(
      /^(..)(..)(..)(..)(..)(..)(..)(..)(..)(..)(..)(..)(..)(..)(..)(..)$/,
      "{$4$3$2$1-$6$5-$8$7-$10$9-$16$15$14$13$12$11}"
    ).toUpperCase() // Normal guid, conversion could be moved into the parser
  );
});

相关文章