@MagerValp
Created January 28, 2016 12:20
Find OS X AD user UniqueID collisions
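#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Usage: pass the LDIF file written by the ldapsearch command below (accounts.txt)
# as the first argument.
import sys
import base64

# Maps each derived UniqueID to the last username seen with it.
userids = dict()
with open(sys.argv[1]) as f:
    for line in f:
        if line.startswith("dn:"):
            # Value of the first RDN, e.g. "dn: CN=jdoe,OU=Users,..." -> "jdoe".
            username = line.partition("=")[2].partition(",")[0]
        elif line.startswith("objectGUID:"):
            # The attribute value is base64-encoded binary in the LDIF output.
            guidb64 = line.rstrip().partition(" ")[2]
            guidbin = base64.b64decode(guidb64)
            # Read the first four GUID bytes in reversed (little-endian) order
            # and mask to 31 bits, giving the UniqueID value compared below.
            uniqueid = int.from_bytes(guidbin[:4], "little") & 0x7fffffff
            if uniqueid in userids:
                print("Collision: %d = %s, %s" % (uniqueid, username, userids[uniqueid]))
            userids[uniqueid] = username
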
#!/bin/bash
# This limits results to usernames starting with x for testing, adjust as appropriate: (&(objectClass=user)(cn=x*))
ldapsearch -LLL -H ldap://dc01.domain.example -b 'OU=Users,DC=domain,DC=example' -E pr=1000/noprompt "(&(objectClass=user)(cn=x*))" objectGUID > accounts.txt