PeetMcK · July 23, 2020 23:40
diff --git a/convert.sh b/convert.sh
 #!/bin/bash

 #
 # Author:   Calum Hunter
 # Date:     28/11/2016
 # Version:  1.0
 # Purpose:  To generate a Mac UID from the objectGUID attribute
 #           (GeneratedUID) in AD. 
 #           This uses the same method that the Apple
 #           AD Plugin uses
 #

 ## Start by loading up our ldap query variables
 SVC_ACCOUNT_NAME="srv_acct"
 SVC_ACCOUNT_PASS="password"
 DOMAIN="domain.com"
 LDAP_SERVER="domain.com"
 SEARCH_BASE="dc=domain,dc=com"
 SAM_ACCOUNTNAME=$1

 DECODE_BASE64(){
    # This function takes the encoded output from ldapsearch and decodes it 
    # It then needs to be "hex-dumped" in order to get it into regular text
    # So that we can work with it
    OBJECT_ID="$1"
    BASE64_DECODED=$(echo $OBJECT_ID | base64 -D)
    G=($(echo ${BASE64_DECODED} | hexdump -e '16/1 " %02X"'))
    OBJECTGUID="${G[3]}${G[2]}${G[1]}${G[0]}-${G[5]}${G[4]}-${G[7]}${G[6]}-${G[8]}${G[9]}-${G[10]}${G[11]}${G[12]}${G[13]}${G[14]}${G[15]}"
 }

 # Search LDAP for our user account
 RESULT=$(ldapsearch -LLL -H ldap://$LDAP_SERVER -o ldif-wrap=no -x -D ${SVC_ACCOUNT_NAME}@$DOMAIN -w ${SVC_ACCOUNT_PASS} -b "${SEARCH_BASE}" "(sAMAccountName=$SAM_ACCOUNTNAME)" "objectGUID")


 # Get our user DN and objectGUID from the result above.
 USER_DN=$(echo "$RESULT" | grep "dn:")
 USER_GUID_BASE64=$(echo "$RESULT" | awk -F "::" '/objectGUID/ {print $2}')

 # Get our GeneratedUID from LDAPSEARCH by decoding and hex dumping it
 DECODE_BASE64 "$USER_GUID_BASE64"

 # Now lets get the first 32 bits of our GUID
 GUID_32=${OBJECTGUID:0:8}
 echo $GUID_32

 # Now convert this to decimal 
 # This should ensour that if this is greater than the largest decimal figure allowed for a mac UID (32Bit Integer) 
 # It'll do some magic
 GUID_32_DEC=$(echo $(($(echo "ibase=16; $GUID_32" | bc) & 2147483647)))

 # Echo our output
 echo "User: $(echo $USER_DN | awk -F "dn:" '{print $2}')"
 echo "ObjectGUID: $OBJECTGUID"
 echo "Mac UID: $GUID_32_DEC"
	#!/bin/bash

	#
	# Author: Calum Hunter
	# Date: 28/11/2016
	# Version: 1.0
	# Purpose: To generate a Mac UID from the objectGUID attribute
	# (GeneratedUID) in AD.
	# This uses the same method that the Apple
	# AD Plugin uses
	#

	## Start by loading up our ldap query variables
	SVC_ACCOUNT_NAME="srv_acct"
	SVC_ACCOUNT_PASS="password"
	DOMAIN="domain.com"
	LDAP_SERVER="domain.com"
	SEARCH_BASE="dc=domain,dc=com"
	SAM_ACCOUNTNAME=$1

	DECODE_BASE64(){
	# This function takes the encoded output from ldapsearch and decodes it
	# It then needs to be "hex-dumped" in order to get it into regular text
	# So that we can work with it
	OBJECT_ID="$1"
	BASE64_DECODED=$(echo $OBJECT_ID \| base64 -D)
	G=($(echo ${BASE64_DECODED} \| hexdump -e '16/1 " %02X"'))
	OBJECTGUID="${G[3]}${G[2]}${G[1]}${G[0]}-${G[5]}${G[4]}-${G[7]}${G[6]}-${G[8]}${G[9]}-${G[10]}${G[11]}${G[12]}${G[13]}${G[14]}${G[15]}"
	}

	# Search LDAP for our user account
	RESULT=$(ldapsearch -LLL -H ldap://$LDAP_SERVER -o ldif-wrap=no -x -D ${SVC_ACCOUNT_NAME}@$DOMAIN -w ${SVC_ACCOUNT_PASS} -b "${SEARCH_BASE}" "(sAMAccountName=$SAM_ACCOUNTNAME)" "objectGUID")


	# Get our user DN and objectGUID from the result above.
	USER_DN=$(echo "$RESULT" \| grep "dn:")
	USER_GUID_BASE64=$(echo "$RESULT" \| awk -F "::" '/objectGUID/ {print $2}')

	# Get our GeneratedUID from LDAPSEARCH by decoding and hex dumping it
	DECODE_BASE64 "$USER_GUID_BASE64"

	# Now lets get the first 32 bits of our GUID
	GUID_32=${OBJECTGUID:0:8}
	echo $GUID_32

	# Now convert this to decimal
	# This should ensour that if this is greater than the largest decimal figure allowed for a mac UID (32Bit Integer)
	# It'll do some magic
	GUID_32_DEC=$(echo $(($(echo "ibase=16; $GUID_32" \| bc) & 2147483647)))

	# Echo our output
	echo "User: $(echo $USER_DN \| awk -F "dn:" '{print $2}')"
	echo "ObjectGUID: $OBJECTGUID"
	echo "Mac UID: $GUID_32_DEC"