I have the objectSid attribute as returned by the ldapsearch command, how can I generate SID from it in human readable format?
ldapsearch command:
ldapsearch -LLL -H ldap://dc.example.com:389 -b dc=example,dc=lk -D example\administrator -w adminPassword "(sAMAccountName=bob)" | grep -i "objectSid::" | cut -d ":" -f3 | xargs
This command returns objectSid of the AD user "bob". Let's say it returned objectSid as:
AQUAAAAAAAUVAAAAPWW1S5rojK4mDAiG5BAAAA==
I want to generate its SID in the following format:
S-1-5-21-1270179133-2928470170-2248674342-4324
Is it possible to do this in Linux?
Best Answer
Finally I managed to construct SID from the ObjectSid. Here's the complete shell script if anyone interested.