Directory Studio
  1. Directory Studio
  2. DIRSTUDIO-434

Add value editor for Active Directory objectGUID and objectSid attributes

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.2.0
    • Fix Version/s: 1.5.0
    • Component/s: studio-ldapbrowser
    • Labels:
      None

      Description

      When viewing an Active Directory entry objectGUID attributes are not displayed, and it is also not possible to edit them. Same for objectSid, both have the same syntax OID. The entry editor just shows "Invalid Data" for them.

      The attributes have binary values. They could be displayed either in hex format (and the hex format can be used in searches as well, with a backslash in front of every two hex digits), or using the preferred Microsoft format, which is just the hex format shuffled and delimited with dashes.

      Here are a couple of articles that show how to convert from hex to the Microsoft format:
      http://forums.sun.com/thread.jspa?threadID=646111
      http://blog.joeware.net/2008/05/03/1230/

      (I found this in version 1.3, but this is not listed as a released version)

        Issue Links

          Activity

          Hide
          Emmanuel Lecharny added a comment -

          The problem is that Microsoft (as usual ...) is using its own syntax. Instead of using the 1.3.6.1.4.1.1466.115.121.1.40 syntax, they defined a specific one (2.5.5.10) under an OID which should not be extended... Anyway, we won't change the way M$ is sabotaging the standards ...

          Let's implement M$ syntaxes. The first step would be to list all of them, in order to avoid doing it again.

          Show
          Emmanuel Lecharny added a comment - The problem is that Microsoft (as usual ...) is using its own syntax. Instead of using the 1.3.6.1.4.1.1466.115.121.1.40 syntax, they defined a specific one (2.5.5.10) under an OID which should not be extended... Anyway, we won't change the way M$ is sabotaging the standards ... Let's implement M$ syntaxes. The first step would be to list all of them, in order to avoid doing it again.
          Hide
          Stefan Zoerner added a comment -

          I recommend to add objectGUID and objectSid to the default list of binary attributes. After that, the ugly "Invalid data" message does not show up. Instead, the value in the browser states "Binary Data (16 Bytes)".

          Implementing an appropriate value editor would be the second step.

          Show
          Stefan Zoerner added a comment - I recommend to add objectGUID and objectSid to the default list of binary attributes. After that, the ugly "Invalid data" message does not show up. Instead, the value in the browser states "Binary Data (16 Bytes)". Implementing an appropriate value editor would be the second step.
          Hide
          Stefan Seelmann added a comment -
          • Added syntax 2.5.5.10 to binary syntaxes
          • Added attribute types objectGUID (1.2.840.113556.1.4.2) and objectSid (1.2.840.113556.1.4.146) to binary attributes
          • Also improved process of reading the schema because there was another issue: We read the schema from the server and parse object classes, attribute types, matching rules and syntaxes to schema objects. Active Directory schema only provides object clases and attribute types, but no syntaxes and no matching rules. The problem is that although both objectGUID and objectSid contain a syntax OID it is considered as invalid because the target syntax object does not exist. I fixed that by creating pseudo syntax and matching rule objects in such a case.
          Show
          Stefan Seelmann added a comment - Added syntax 2.5.5.10 to binary syntaxes Added attribute types objectGUID (1.2.840.113556.1.4.2) and objectSid (1.2.840.113556.1.4.146) to binary attributes Also improved process of reading the schema because there was another issue: We read the schema from the server and parse object classes, attribute types, matching rules and syntaxes to schema objects. Active Directory schema only provides object clases and attribute types, but no syntaxes and no matching rules. The problem is that although both objectGUID and objectSid contain a syntax OID it is considered as invalid because the target syntax object does not exist. I fixed that by creating pseudo syntax and matching rule objects in such a case.
          Hide
          Stefan Seelmann added a comment -

          Here is another article explaining the GUID format: http://alt.pluralsight.com/wiki/default.aspx/SDS/GuidBinding.html

          Show
          Stefan Seelmann added a comment - Here is another article explaining the GUID format: http://alt.pluralsight.com/wiki/default.aspx/SDS/GuidBinding.html
          Hide
          Stefan Seelmann added a comment -

          Added value editors for objectGUID and objectSid to display their string representation.

          Fixed here:
          http://svn.apache.org/viewvc?rev=822212&view=rev
          http://svn.apache.org/viewvc?rev=822618&view=rev

          Show
          Stefan Seelmann added a comment - Added value editors for objectGUID and objectSid to display their string representation. Fixed here: http://svn.apache.org/viewvc?rev=822212&view=rev http://svn.apache.org/viewvc?rev=822618&view=rev
          Hide
          Pierre-Arnaud Marcelot added a comment -

          Apache Directory studio version 1.5.0 has been released.

          Show
          Pierre-Arnaud Marcelot added a comment - Apache Directory studio version 1.5.0 has been released.

            People

            • Assignee:
              Stefan Seelmann
              Reporter:
              Marius Scurtescu
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development