AD ldap and ntsecuritydescriptor

[califano]

Hi all,

I'm in trouble trying to extract ntsecuritydescriptor value from Domain Objects. I can get all values but it.

Someone can help me?

I'm using lazarus ide and jwaldap libraries.

Thx in advance

[rvk]

Maybe this answer can help.
https://stackoverflow.com/a/40774136/1037511

[jamie]

@RVK

 I Read your post today at work and clicked on the link you provided, our IT department did not like that link at all!

[rvk]

I Read your post today at work and clicked on the link you provided, our IT department did not like that link at all!

What? It didn't like stackoverflow.com?

What kind of IT department is that? 

I guess some people still live in China or Russia 

But seriously, what IT department doesn't like stackoverflow or the stackexchange sites?

Maybe they have strict filters in place so you can't visit sites with words like ntSecurityDescriptor and GetSecurityInfo, etc.

[califano]

Maybe this answer can help.
https://stackoverflow.com/a/40774136/1037511

Hi rvk, I read it already, but I get an error when I try to setup control:

 FillChar(SdControl, SizeOf(SdControl), 0);
  FillChar(SdControl, SizeOf(SdControl), 0);
  SdControl.ldctl_oid := pansichar('1.2.840.113556.1.4.801');
  SdControl.ldctl_iscritical := true;
  wsprintfA(b.bv_val,'%c%c%c%c%c',48,3,2,1,7);
  SdControl.ldctl_value:=b;
  CtrlArray := @SdControl;
  ldapcheck(ldap_set_option(FConnection, LDAP_OPT_SERVER_CONTROLS, @CtrlArray),true);


2nd ldapcheck returns "failed:Unavailable Critical Extension"

consider that LDAP_OPT_SERVER_CONTROLS (0x12) was not included in default constants nor LDAP_SERVER_SD_FLAGS_OID (1.2.840.113556.1.4.801)

thx for your help.