Skip Links

Network World

Tyson Kopczynski

PowerShell: Using a ByteArray within an LDAP filter

By tyson.kopczynski on Thu, 11/20/08 - 9:32am.
Newsletter Signup

Today, I got a good question from a friend of mine.  Let's call my friend Steve, after all his name is Steve.  Anyhow, my friend wanted to return all users within a domain that did not have a ByteArray value of FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF for the logonHours attribute.  Naturally, I said to myself that is easy enough, here is your filter statement:

!(logonHours=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF)

Yeah... that did not work.  So, I consulted my second brain: Google.  Didn't see anything right off the bat, but that must have been because I was using the wrong search terms.  Oddly enough, I then heard this nagging voice in the back of my mind:  "Tyson, you know this".  It took me a minute, and I then realized that I not only knew the topic at hand, but I even wrote about it in the 2nd Edition of the Windows PowerShell Unleashed book:

Lastly, if the search filter contains binary data, then that data needs to be represented such that each byte of the binary data is escaped using a backslash "\" followed by two hexadecimal digits. For example to retrieve the object with GUID = "659cd735f7fc4182b007b650b621d4de" you would use the following filter statement.

"(objectGUID=\65\9c\d7\35\f7\fc\41\82\b0\07\b6\50\b6\21\d4\de)"

It's not often, you get to source yourself.  :>)  Anyhow, now that I knew why the filter did not work, I gave Steve the following PowerShell one-liner which uses the Get-QADUser cmdlet from Quest's AD cmdlets:

get-qaduser -IncludeAllProperties -ldapfilter '(!(logonHours=\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF))' | select name,logonHours

 

If you like this, check out some other posts from Tyson:

 

Or if you want, you can also check out some of Tyson's latest publications:

 

Lastly, visit the Microsoft Subnet for more news, blogs, and opinions from around the Internet.  Or, sign up for the bi-weekly Microsoft newsletter(Click on News/Microsoft News Alert)

 

Post new comment

The content of this field is kept private and will not be shown publicly.
  • You can use BBCode tags in the text.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <p> <strong> <i> <br /> <br> <ul> <ol> <li> <dl> <dt> <dd> <blockquote>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Welcome, visitor. Register Log in
Advertisement:
About Hidden Microsoft

With more than ten years of experience in IT, Tyson Kopczynski has become a specialist in Active Directory, Information Assurance, Windows automation, PKI, and IT security practices. Tyson is also the founding author of the Windows PowerShell Unleashed series and has been a contributing author for such books as Microsoft Internet Security and Acceleration (ISA) Server 2006 Unleashed and Microsoft Windows Server 2008 Unleashed. He has also written many detailed technical papers and guides covering various technologies. As a consultant at Convergent Computing, Tyson works with and provides feedback for next generation Microsoft technologies since their inception and has also played a key role in expanding the automation and security practices at CCO. Tyson also holds such certifications as the Certified Information Systems Security Professional (CISSP), the SANS Security Essentials Certification (GSEC) and SANS Certified Incident Handler (GCIH), and the MCTS (Application Platform, Active Directory, and Network Infrastructure).


Certifications:

  • Certified Information Systems Security Professional (CISSP)
  • SANS Security Essentials Certification (GSEC)
  • SANS Certified Incident Handler (GCIH)
  • MCTS (Application Platform, Active Directory, and Network Infrastructure)
  • Microsoft Certified Systems Engineer (MCSE) Security
  • CompTIA Security+

Publications:


Other Stuff:

  • Blogger NetworkWorld.com from June 2007
  • GIAC Advisory Board from 2009
  • SANS GSEC Local Mentor (a long time ago)
  • CompTIA Security+ SME (a long time ago)
  • Judge, Imagine Cup 2005 Int'l IT Competition
  • Judge, Imagine Cup 2007 Int'l IT Competition