Active Directory gem for Ruby with ObjectGUID Support

Question

I've searched high and low (rubygems.org, for instance) and can not find any up to date AD gems. I'm wanted ObjectGUID because it's a unique identifier in a system I'm using. Here is the code I'm running at the moment:

require 'rubygems'
require 'net/ldap'

def get_sid_string(data)
  sid = []
  sid << data[0].to_s

  rid = ""
  (6).downto(1) do |i|
    rid += byte2hex(data[i,1][0])
  end
  sid << rid.to_i.to_s

  sid += data.unpack("bbbbbbbbV*")[8..-1]
  "S-" + sid.join('-')
end

def byte2hex(b)
  ret = '%x' % (b.to_i & 0xff)
  ret = '0' + ret if ret.length < 2
  ret
end

ldap = Net::LDAP.new :host => "192.168.55.55",
    :port => 389,
    :auth => {
        :method => :simple,
        :username => "adam@foo.local",
        :password => "secret"
    }

filter = Net::LDAP::Filter.eq( "cn", "Adam*" )
treebase = "dc=foo,dc=local"

ldap.search( :base => treebase, :filter => filter ) do |entry|
  puts "DN: #{entry.dn}"
  entry.each do |attribute, values|
  next if attribute.to_s != "objectguid"
    puts "   #{attribute}:"
    values.each do |value|
      puts "      --->#{value.bytes}"
      puts "      --->#{value}"
    end
        puts "      --->#{get_sid_string(attribute.to_s)}"
  end
end

And here are the results:

DN: CN=Adam West,CN=Users,DC=foo,DC=local
   objectguid:
      --->[123, 94, 255, 162, 248, 97, 61, 65, 148, 210, 111, 76, 49, 58, 241, 208]
      --->{^���a=A��oL1:��
      --->S-o-0

The first line, of course, is the bytes. The second is just the array dumped out. The third is a bit of code I found that doesn't seem completed. Before I begin work on writing my own AD gem (or branching another one), I was wondering if anyone knows of anything that's being currently maintained? I've gone through several of them but none of them seem to either not handle the ObjectGUID at all cleanly or don't work reliably (I'm looking at you active_directory). So why is ObjectGUID so important? Because if a merging where to happen it won't change. I could use the sAMAccountName but I'm not 100% certain it will never change in a large merging.

My Goals (in case it matters or context will help): - Unique Identifier knowing it will never change. - The ability to search using said unique identifier. - Unique Identifier stored in a database for future pairings of related data not stored in AD (e.g. training reports).

Has anyone accomplished this with Ruby? Or perhaps know of a gem? Ideally I'd like a gem that handles this all for me but I know not where to ask.

Perhaps I'm making this more complicated than I should and just store the converted bytes to ints as in array in my database?

Answer 1

It appears there isn't an up to date library that Contains Everything(TM) but since ObjectGuid uses UUIDv4 there are tools to handle that specifically.

UUIDTools::UUID.parse_raw(value)

returns the correct information I seek in an easily storable and readable format. The gem is called 'uuidtools'.

As it turns out I can just store them as blobs: Using UUIDs in SQLite

and search using the same blobs given to me from my AD box. I can use the UUIDTools to make it human readable (for whatever reason, if I so desired -- but I'm starting to question what the point of that is now other than perhaps using it as a Primary Key).

I can do a search by using "objectGUID" (that was given to me earlier in raw format) itself without worrying about how it looks.