Script to resolve GUID to String in Active Directory


Answering your last question first: yes, you need a domain account, otherwise GetObject() will fail.

As for your first question: The GUID property returns a string of hexadecimal values, which are ordered according to the GUID data structure. Since the first 4 bytes are stored as a DWORD followed by 2 WORDs, you have to take the endianness into account. Intel machines store WORDs and DWORDs little-endian encoded (least significant byte first), so you have to reverse the byte order of the first 4 bytes. The rest of the data structure is a byte array, so those bytes are already in the correct order.

Example:

Let's say you have a hex string like this:

000102030405060708090a0b0c0d0e0f

You would split it like this:

00010203 0405 0607 08090a0b0c0d0e0f
DWORD    WORD WORD BYTE[]

Because of the little endian encoding you have to reverse the order of the first 4 bytes (every 2-digit hex value representing 1 byte):

03020100 0504 0706 08090a0b0c0d0e0f

That's what this part of the code does (comments mine):

' reverse DWORD
GUIDStr = Mid(strOctet, 7, 2)
GUIDStr = GUIDStr + Mid(strOctet,  5, 2)
GUIDStr = GUIDStr + Mid(strOctet,  3, 2)
GUIDStr = GUIDStr + Mid(strOctet,  1, 2)
' reverse 1st WORD
GUIDStr = GUIDStr + Mid(strOctet, 11, 2)
GUIDStr = GUIDStr + Mid(strOctet,  9, 2)
' reverse 2nd WORD
GUIDStr = GUIDStr + Mid(strOctet, 15, 2)
GUIDStr = GUIDStr + Mid(strOctet, 13, 2)

The remainder of the string represents a byte array, so those bytes are used in order:

GUIDStr = GUIDStr + Mid(strOctet, 17, Len(strOctet))

The next instruction formats the hex string into a GUID string, grouping the digits properly (8-4-4-4-12):

tmpGUID = "{" & Mid(GUIDStr,  1,  8) & "-" & Mid(GUIDStr,  9, 4) & _
          "-" & Mid(GUIDStr, 13,  4) & "-" & Mid(GUIDStr, 17, 4) & _
          "-" & Mid(GUIDStr, 21, 15) & "}"

resulting in the following string:

{03020100-0504-0706-0809-0a0b0c0d0e0f}

Please see also this blog post from Eric Lippert for a more thorough explanation.

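The same conversion in Python, as an added example that is not part of the original answer or of the Microsoft KB script: it applies the DWORD/WORD/WORD reversal to the answer's sample value, inverts it, and goes one step further by building the escaped `objectGUID` LDAP search filter for the same object. All function names here are hypothetical.

```python
import re
import uuid

_HEX32 = re.compile(r"[0-9a-fA-F]{32}")
_GUID = re.compile(r"\{?([0-9a-fA-F]{8})-([0-9a-fA-F]{4})-([0-9a-fA-F]{4})"
                   r"-([0-9a-fA-F]{4})-([0-9a-fA-F]{12})\}?")

def octet_hex_to_guid(octet_hex: str) -> str:
    """Hex string as returned by ADSI obj.GUID -> '{8-4-4-4-12}' display form."""
    if not _HEX32.fullmatch(octet_hex):
        raise ValueError("expected exactly 32 hex digits (16 bytes)")
    raw = bytes.fromhex(octet_hex)
    # DWORD, WORD and WORD are stored little-endian, so each is reversed;
    # the trailing 8 bytes are a plain byte array and stay in order.
    h = (raw[0:4][::-1] + raw[4:6][::-1] + raw[6:8][::-1] + raw[8:16]).hex()
    return "{%s-%s-%s-%s-%s}" % (h[0:8], h[8:12], h[12:16], h[16:20], h[20:32])

def guid_to_octet_hex(guid: str) -> str:
    """Inverse: display GUID (braces optional) -> hex in directory storage order."""
    m = _GUID.fullmatch(guid.strip())
    if not m:
        raise ValueError("not a GUID in 8-4-4-4-12 form")
    b = bytes.fromhex("".join(m.groups()))
    # The same three reversals undo themselves.
    return (b[0:4][::-1] + b[4:6][::-1] + b[6:8][::-1] + b[8:16]).hex()

def guid_to_ldap_filter(guid: str) -> str:
    """LDAP filter for objectGUID; binary values are written as \\XX escapes (RFC 4515)."""
    octets = guid_to_octet_hex(guid)
    escaped = "".join("\\" + octets[i:i + 2] for i in range(0, 32, 2))
    return "(objectGUID=%s)" % escaped

if __name__ == "__main__":
    sample = "000102030405060708090a0b0c0d0e0f"  # the answer's example value
    shown = octet_hex_to_guid(sample)
    print(shown)
    # Cross-check against the standard library's little-endian constructor.
    assert shown == "{%s}" % uuid.UUID(bytes_le=bytes.fromhex(sample))
    print(guid_to_octet_hex(shown))
    print(guid_to_ldap_filter(shown))
```
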

Author: user7980

Updated on September 18, 2022

Comments

  • user7980
    user7980 over 1 year

    I am trying to understand the output of the following VB script that resolves a GUID to a string in Active Directory:

    http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B325649

    This article demonstrates how to convert the hexadecimal string form of an object's GUID into its string form:

    Paste the following code in a .vbs file.

    '================================================================
    'Set the next line to reflect a DN for an object in the directory
    '================================================================
    Set obj = GetObject("LDAP://CN=Username,CN=Users,DC=DOMAIN,DC=COM")
    MsgBox "The GUID string Value for user " & obj.Get("DisplayName") & _
           " is " &  ConvertHexStringGUIDToStringGUID(obj.GUID)
    
    '================================================================
    ' ConvertHexStringGUIDToStringGUID function
    '================================================================
    Function ConvertHexStringGUIDToStringGUID(strOctet)
        Dim tmpGUID, GUIDStr
        'Convert the string by flipping the bits around.
        GUIDStr = Mid(strOctet, 7, 2)
        GUIDStr = GUIDStr + Mid(strOctet,  5, 2)
        GUIDStr = GUIDStr + Mid(strOctet,  3, 2)
        GUIDStr = GUIDStr + Mid(strOctet,  1, 2)
        GUIDStr = GUIDStr + Mid(strOctet, 11, 2)
        GUIDStr = GUIDStr + Mid(strOctet,  9, 2)
        GUIDStr = GUIDStr + Mid(strOctet, 15, 2)
        GUIDStr = GUIDStr + Mid(strOctet, 13, 2)
        GUIDStr = GUIDStr + Mid(strOctet, 17, Len(strOctet))
    
        tmpGUID = "{" & Mid(GUIDStr,  1,  8) & "-" & Mid(GUIDStr,  9, 4) & _
                  "-" & Mid(GUIDStr, 13,  4) & "-" & Mid(GUIDStr, 17, 4) & _
                  "-" & Mid(GUIDStr, 21, 15) & "}"
    
        ConvertHexStringGUIDToStringGUID = tmpGUID
    End Function
    

    My question is:

    • What is the output of this script?
    • Do you have to have a domain account to run the command Set obj = GetObject("LDAP://CN=Username,CN=Users,DC=DOMAIN,DC=COM")?