3.1.6.19 Find Object By GUID Using LDAP

This event MUST be generated with the following arguments:

  • iGuid: the value of the objectGuid attribute of the requested object.

  • iADConnection: An ADCONNECTION_HANDLE ([MS-DTYP] section 2.2.2).

Return Values:

  • rStatus: A DirectoryOperationResult that indicates the result of this directory operation. If this value is not DirectoryOperationResult.Success, the ADConnection in iADConnection is no longer bound and MUST NOT be used to perform further operations, and the value of rDN is undefined.

  • rDN: The distinguished name of the object found.

The algorithm MUST perform the following actions to process this event:

  • Let CompactGuid be a string variable that is initialized by converting the value of iGuid to curly braced GUID string form ([MS-DTYP] section 2.3.4.3), then compacting it by removing all characters that are not hexadecimal digits.

  • Construct an LDAPMessage ([RFC2251] section 4.1):

    • messageID = set as described in [RFC2251] section 4.1.1.1.

    • protocolOp = searchRequest

    • controls = none

    • baseObject = an empty string

    • scope = wholeSubtree

    • derefAliases = neverDerefAliases

    • sizeLimit = 0

    • timeLimit = 0

    • typesOnly = FALSE

    • filter = "(objectGuid=" CompactGuid ")"

    • attributes = a one-element list consisting of the string "distinguishedName"

  • Perform the "Performing an LDAP Operation on an ADConnection" task ([MS-ADTS] section 7.6.1.6) with the following parameters:

    • TaskInputADConnection = DirectoryServerConnection

    • TaskInputRequestMessage = the LDAPMessage constructed in the preceding step

  • If the value of TaskReturnStatus is not success, as defined in [RFC2251] section 4.1.10, the algorithm MUST perform the following steps:

  • Extract the value of the distinguishedName attribute from the result message returned in TaskOutputResultMessages and set rDN to that value.

  • Set rStatus to DirectoryOperationResult.Success.

  • Processing MUST end.
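
The CompactGuid and searchRequest construction steps above, as an added Python example that is not part of the specification. The function names, the dict representation of the request and the sample GUID are constructed for illustration, and the lowercase hex output is the behaviour of Python's uuid module rather than something this section states. Because only hexadecimal digits survive compaction, input that is not a well-formed GUID is rejected before it can reach the filter string.

```python
import re
import uuid

# Search parameters fixed by the algorithm in this section.
FIXED_PARAMS = {
    "baseObject": "",
    "scope": "wholeSubtree",
    "derefAliases": "neverDerefAliases",
    "sizeLimit": 0,
    "timeLimit": 0,
    "typesOnly": False,
    "attributes": ["distinguishedName"],
}


def compact_guid(i_guid):
    """Curly braced GUID string form with every non-hex character removed."""
    # uuid.UUID raises ValueError for anything that is not a well-formed GUID,
    # so filter metacharacters such as '*', '(' or ')' never get past here.
    guid = i_guid if isinstance(i_guid, uuid.UUID) else uuid.UUID(str(i_guid))
    curly = "{" + str(guid) + "}"                  # curly braced string form
    compact = re.sub(r"[^0-9A-Fa-f]", "", curly)   # keep hex digits only
    if len(compact) != 32:
        raise ValueError("compacted GUID must be exactly 32 hex digits")
    return compact


def build_search_request(i_guid):
    """Return the searchRequest fields as a dict (hypothetical representation)."""
    request = dict(FIXED_PARAMS)
    request["filter"] = "(objectGuid=" + compact_guid(i_guid) + ")"
    return request


if __name__ == "__main__":
    sample = "{6f9619ff-8b86-d011-b42d-00c04fc964ff}"  # constructed sample GUID
    for field, value in build_search_request(sample).items():
        print(field, "=", repr(value))
    try:
        build_search_request("*)(objectClass=*")       # not a GUID: rejected
    except ValueError as exc:
        print("rejected:", exc)
```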