Friday, September 08, 2017

If you need to perform LDAP query against Active Directory with objectGUID as the filter, you need to convert the string representation of that GUID to octetstring.

For example, if the objectGUID string value is: ffe17244-4c77-48e7-9db7-69578be7e232
You need to convert it to: \44\72\e1\ff\77\4c\e7\48\9d\b7\69\57\8b\e7\e2\32

so then you can provide the LDAP filter with:
(objectGUID=\44\72\e1\ff\77\4c\e7\48\9d\b7\69\57\8b\e7\e2\32)

To do this by C#, use the following function:

        private string convertStringGuidToOctectString(string guid)
        {
            Guid g = Guid.Parse(guid);
            Byte[] gba = g.ToByteArray();

            string result = "";
            foreach (Byte b in gba)
            {
                result = result + @"\" + b.ToString("x2");
            }

            return result;
        }

Good luck!