Base64

the Base64 option provides the ability to encode and decode different data into and from base64 encoding.  This is useful when creating LDIFDE input files which use Base64 for the GUID or just encoding data to be send via email.

The pane is free text entry form, you just need to enter the data you want to encode, highlight the text you want to encode and then right click and select require Encode from option and select the input data type and it will be encoded it in base64.  To decode a base64, just copy and paste the base64 encode text into the pane, then highlight the encoded text and the required decode to option.

These are the menu options that are available:

Generate GUID - using the Windows API this will generate a unique GUID
Text - will encode from text to base64 or base64 from to text
GUID - will encode a GUID to base64, the text GUID is converter to Hex before its encoded, or base64 to text GUID
Hex - Encode a hex text to Base64, or from base64 and dump the decoded data in Hex

This shows a sample text being encode to Base64:

This shows the previously encoded text being decoded:

Now this is decoding a base64 encoded text to Hex:

This shows a number of GUID that have been generated and the last entry is encoded to base64 and then decoded to Hex:

LDAP Search – Base DN Formats

Active Directory support a number of different formats for the Base DN field, these are Distinguished Name, GUID and SID 

Distinguished Name is based on RFC 4514 e.g. CN=user1,CN=users,DC=domain,DC=com

GUID provides the GUID of an object which will be used as the base for searches, i.e <GUID=01f04883-d68e-4367-8ad1-a2faa79a2e5a>

SID format is the same as GUID but the entry is based on a SID i.e. <SID=S-1-5-21-2816452191-2840564649-4223122534-1000>

The SID and GUID option with the Search Scope set to Base Level can be used as quick search for users or other objects in the AD based on the GUID or SID.  The SIDs and GUIDs are entered in standard readable format.

LDAP Search Substitution

NetTools supports a number of Inline substitution options, that enables different data types to be entered in a user friendly formats, without the need to remember complicated data formats.  These can be used in the filter to simplify filter entry or convert data format for attribute updates with Update Queries.  

There are two types of substitutions available, data converters, and matching rule converters.

Data Converters
Data converters have the following format {<type>:[data]}

-1: int64 const of -1 e.g. (pwdlastset={-1:}) which will be replaced with 9223372036854775807
sid: object sid e.g. (objectsid={sid: S-1-5-21-3499964120-3315823391-1593708255-164234})
guid: object guids e.g. (objectguid={guid:00AD5B16-8E22-49D5-B83A-BFDEA6DFF7DE})
oid: oid identifiers e.g. (omobjectclass={oid:1.3.12.2.1011.28.0.702})
ip: IP address in windows order e.g. (ipaddress={ip:10.12.45.254})
ipn: IP address in network order e.g. (ipaddress={ipn:10.12.45.254})
hex: hexadecimal value e.g. (&(objectclass=group)(grouptype={hex:0x8000002}))
userinput: request user input e.g. {userinput:Date} responses are cached against the label, if the same label is used again the cached response is used
unicode: return the specified string as escape hex string {unicode:new}
idate: 64bit Time e.g. (lastlogontimestamp={idate:31/12/2011})
zdate: Generalized Time Format e.g. (whencreated={zdate:30/12/2011})
sdate: returns the date in dd/mm/yyyy format, when used in conjunction with Now constant e.g. {sdate:now}
sdatetime: returns the date in dd/mm/yyyy hh:mm:ss format, when used in conjunction with Now constant
anr: Create an ANR filter based on the input string e.g. {anr:john smith}

zdate, idate, sdate, and sdatetime types also support the 'Now' constant, and can be used with with optional plus and minus days.
e.g. {zdate:now}, {zdate:now-365}, {idate:now+5}, {sdate:now}

Nesting is supported on a number of the substitutions to convert from one format to another or converting a user input e.g  {idate:i{usernput:enter date}}

Matching Rules Converters
Matching rule converters use a single character as a substitute for the matching rule OIDs for LDAP filters, these are |  & % $

|= is the Or bit logic operator e.g. (!useraccountcontrol |= 2)  - expands to (!useraccountcontrol:1.2.840.113556.1.4.802:=2)

&= is the And bit logic operator e.g. (useraccountcontrol &= 2)  - expands to (useraccountcontrol:1.2.840.113556.1.4.803:=2)

%= is the chain operator e.g. (memberof %= (cn=Group1,OU=groupsOU,DC=test,DC=com)) - expands to (memberof:1.2.840.113556.1.4.1941:= (cn=Group1,OU=groupsOU,DC=test,DC=com))

$= is the DN-Binary or DN-String search e.g. (msDS-HasInstantiatedNCs$=B:8:0000000D:CN=Configuration,DC=corp) - expands to (msDS-HasInstantiatedNCs:1.2.840.113556.1.4.2253:=B:8:0000000D:CN=Configuration,DC=corp)