Convert objectSID (byte[]) to String
- Script
- Script authorities

Convert objectSID (byte[]) to String

If you need to work with String value of ObjectSID which you can get from AD system you need to transform it, because connector will return it as byte array. For this purpose you can use method in Extras 1.8.0 ExtrasUtils::convertSidToStr If you don't have Extras modul on your project use the following groovy script

Script

import java.nio.ByteBuffer;
import java.nio.ByteOrder;
 
if (attributeValue == null)
    return null;
if (attributeValue.length < 8 || attributeValue.length % 4 != 0)
    return "";
StringBuilder sb = new StringBuilder();
sb.append("S-").append(attributeValue[0]);
int c = attributeValue[1]; // Init with Subauthority Count.
ByteBuffer bb = ByteBuffer.wrap(attributeValue);
sb.append("-").append(bb.getLong() & 0xFFFFFFFFFFFFL);
bb.order(ByteOrder.LITTLE_ENDIAN); // Now switch.
for (int i = 0; i < c; i++) { // Create Subauthorities.
    sb.append("-").append((long) bb.getInt() & 0xFFFFFFFFL);
}
return sb.toString();

Script authorities

Service

Class java.lang.StringBuilder java.nio.ByteBuffer java.lang.Byte java.nio.HeapByteBuffer java.nio.ByteOrder

To make this work:

MS AD - Users System details → Connector configuration → Specified attributes to be returned → add "objectSid"
MS AD - Users System details → Scheme → Scheme attributes → add "objectSid"
MS AD - Users System details → Mapping → Synchronization → Mapped attributes → add "objectSid"

Table of Contents

Convert objectSID (byte[]) to String

Script

Script authorities