随手写了一段C++访问LDAP, 并且获取sid的代码

Posted zj510

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了随手写了一段C++访问LDAP, 并且获取sid的代码相关的知识,希望对你有一定的参考价值。

直接上代码,获取sid,并且转换成字符串形式。没有仔细优化代码,这只能是一段demo代码,但是能跑成功。跟大家share一下。

// LDAPTest.cpp : Defines the entry point for the console application.
//

#include "stdafx.h"

#include <windows.h>
#include "Winldap.h"
#include <Dsgetdc.h>
#include <Sddl.h>
#include <string>
#include <algorithm>
//#include <locale>

#define MAX_NAME 1024


std::string ConvertToStringSid(const unsigned char* bsid, const int len);
namespace myldap

    std::wstring LogInWithLdap(const std::wstring& strLdapServer, const std::wstring& strDomain, const std::wstring& strUserName, const std::wstring& strPwd)
    
        const WCHAR* kSAMAccountName = L"sAMAccountName";
        const WCHAR* kObjectSid = L"objectSid";

        ULONG rt;

        LDAP* ld = ldap_initW((PWSTR)strLdapServer.c_str(), 0);
        rt = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, (void*)3);
        rt = ldap_connect(ld, NULL);

        std::wstring strLoginName;
        strLoginName.append(strDomain);
        strLoginName.append(L"\\\\");
        strLoginName.append(strUserName);

        rt = ldap_simple_bind_s(ld, (PWSTR)strLoginName.c_str(), (PWSTR)strPwd.c_str());

        LDAPMessage *pMsg = NULL;
        WCHAR* attrs[] = (WCHAR*)kObjectSid, NULL;
        WCHAR filter[1000] =  0;
        wsprintf(filter, L"(%s=%s)", kSAMAccountName, strUserName.c_str());
        rt = ldap_search_sW(ld, L"", LDAP_SCOPE_SUBTREE, filter, attrs, 0, &pMsg);

        ULONG entry_count = ldap_count_entries(ld, pMsg);
        std::wstring ret;
        LDAPMessage *e = NULL;  
        for (e = ldap_first_entry(ld, pMsg); e != NULL; e = ldap_next_entry(ld, e))  
        
            PWCHAR pp = ldap_get_dnW(ld, e);
            std::wstring dn(pp);
            
            std::transform(dn.begin(), dn.end(), dn.begin(), tolower);

            auto i1 = dn.find(L"dc=");
            auto i2 = dn.find(L",", i1);
            auto dc = dn.substr(i1 + 3, i2 - i1 - 3);

            if (_wcsicmp(dc.c_str(), strDomain.c_str()) != 0)
            
                continue;
            
            
            BerElement* ber = NULL;
            WCHAR* attribute = ldap_first_attributeW(ld, e, &ber);
            while (attribute)
            
                berval** attrList;
                if (attrList = ldap_get_values_lenW(ld, e, attribute))
                
                    for (int i = 0; attrList[i]; i++ )
                    
                        std::string sid = ConvertToStringSid((const unsigned char*)attrList[i]->bv_val, attrList[i]->bv_len);
                        ret = std::wstring(sid.begin(), sid.end());
                    
                    ldap_value_free_len(attrList);
                
                ldap_memfreeW(attribute);

                attribute = ldap_next_attributeW(ld, e, ber);
            

        

        return ret;
    


std::string ConvertToStringSid(const unsigned char* bsid, const int len)

    if (len < 8)  // at least 8 bytes
    
        return "";
    

    char buf[1024] = 0;
    std::string sid("S");

    // revision
    int revision = bsid[0];
    memset(buf, 0, sizeof(buf));
    sprintf_s(buf, "-%d", revision);
    sid.append(buf);

    // 6 types
    unsigned char temp[6] = 0;
    for (int i = 0; i < 6; ++i)
    
        temp[6 - i - 1] = bsid[2 + i];
    
    long long d3 = 0;
    memcpy(&d3, temp, 6);

    memset(buf, 0, sizeof(buf));
    sprintf_s(buf, "-%ld", d3);
    sid.append(buf);

    // 32bit (4bytes) dashes
    int dashes = (int)bsid[1];  // second byte determines dash number. dashes = total dashes - 2

    if (dashes * 4 != len - 8)
    
        return "";  // wrong format
    

    for (int i = 0; i < dashes; ++i)
    
        unsigned int v = 0;
        memcpy(&v, bsid + 8 + i * 4, 4);

        memset(buf, 0, sizeof(buf));
        sprintf_s(buf, "-%u", v);
        sid.append(buf);
    

    return sid;


int _tmain(int argc, _TCHAR* argv[])


    std::wstring strSid = myldap::LogInWithLdap(L"qapf1.qalab01.nextlabs.com:3268", L"qapf1", L"john.tyler", L"john.tyler");

    
	return 0;



以上是关于随手写了一段C++访问LDAP, 并且获取sid的代码的主要内容,如果未能解决你的问题,请参考以下文章

只因程序员写了一段爬虫,公司200人被端,是种什么体验?

只因程序员写了一段爬虫,公司200人被端,是种什么体验?

我写了半年的博客,却被人说“不火”?我是这样怼回去的?

昨晚停网后,我写了一段Python代码攻破了隔壁老王家的wifi密码

昨晚停网后,我写了一段Python代码攻破了隔壁老王家的wifi密码

我反对中文编程!