如何使用带有PHP的ObjectSID和任何语言的LDAP查询对象?我发现了大量的“解决方案”并没有真正意义上的解决方案,也没有人真正解释所使用的ObjectSID的来源,只不过它是二进制的。
例如,我已经完成了初步搜索并检索了ObjectSID以备将来使用。问题是返回的ObjectSID似乎是二进制的。如何使用PHP的ldap_search将该二进制文件发送回LDAP?
我已经读过我应该将值转换为Hex,所以我已经完成了bin2hex($ObjectSID),但我通过LDAP浏览器看到的值:S-1-5-21-1851920287-2048563450-226493979-1120与我的结果值不匹配:0105000000000005150000009f0f626efa981a7a1b06800d60040000
任何人都有明确的答案吗?
答案 0 :(得分:0)
好的,找到了以下答案:
// Returns the textual SID
public function bin_to_str_sid($binsid)
{
$hex_sid = bin2hex($binsid);
$rev = hexdec(substr($hex_sid, 0, 2));
$subcount = hexdec(substr($hex_sid, 2, 2));
$auth = hexdec(substr($hex_sid, 4, 12));
$result = "$rev-$auth";
for ($x=0;$x < $subcount; $x++) {
$subauth[$x] =
hexdec($this->little_endian(substr($hex_sid, 16 + ($x * 8), 8)));
$result .= "-" . $subauth[$x];
}
// Cheat by tacking on the S-
return 'S-' . $result;
}
// Converts a little-endian hex-number to one, that 'hexdec' can convert
public function little_endian($hex)
{
$result = "";
for ($x = strlen($hex) - 2; $x >= 0; $x = $x - 2)
{
$result .= substr($hex, $x, 2);
}
return $result;
}
// This function will convert a binary value guid into a valid string.
public function bin_to_str_guid($object_guid)
{
$hex_guid = bin2hex($object_guid);
$hex_guid_to_guid_str = '';
for($k = 1; $k <= 4; ++$k) {
$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
}
$hex_guid_to_guid_str .= '-';
for($k = 1; $k <= 2; ++$k) {
$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
}
$hex_guid_to_guid_str .= '-';
for($k = 1; $k <= 2; ++$k) {
$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
}
$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
return strtoupper($hex_guid_to_guid_str);
}