In our environment we have to manage multiple objects for each user.
- Primary Account on domain A/B
- Mailbox account on domain C/D
- GALSync contact on domain D/C (resource domain opposite mailbox)
In order to ensure that changes on the primary account are applied to the correct object on each domain, we've created some custom attributes to store the SID/GUID of each object on it's associated objects.
masterAccountDomain - domain name of the primary user account
msExchMasterAccountSid - SID of the primary user account
resourceAccountDomain - domain name of the mailbox user account
resourceAccountSid - SID of the mailbox user account
gALSyncContactDomain - domain name of the GALSync contact
gALSyncContactGUID - GUID of the GALSync contact
We are beginning to work with these attributes and I've run into difficulty dealing with the gALSyncContactGUID. The issue is, when the attribute is retrieved the type returned is a decimal array. I need to get the GUID in string format to work with it.
The current task I am working on is copying a manager that it set on the primary user account to the mailbox account and to the GALSync contact. I'm binding to the manager's primary account and retrieving the custom attributes as follows.
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")
$managerUsername = "%adm-ManagerUserName%"
$managerDN = (Get-AdmUser -Identity $managerUsername).distinguishedName
$manager = $admService.OpenObject("Adaxes://$managerDN", $NULL, $NULL, 0)
$managerMailboxDomain = $manager.Get("resourceAccountDomain")
$managerMailboxSID = New-Object System.Security.Principal.SecurityIdentifier($manager.Get("resourceAccountSID"), 0)
$managerMailboxSID = $managerMailboxSID.ToString()
$managerMailboxDN = (Get-AdmUser $managerMailboxSID -Server $manager.Get("resourceAccountDomain")).distinguishedName
$managerContactDomain = $manager.Get("gALSyncContactDomain")
$managerContactGUID = New-Object "System.Guid" (,$manager.Get("gALSyncContactGUID")) <--- Error here
$managerContactGUID = $managerContactGUID.ToString()
$managerContactDN = (Get-AdmObject $managerContactGUID -Server $managerContactDomain).distinguishedName
The problem I'm having is the gALSyncContactGUID property is being retrieved as a decimal array instead of the hex, so the conversion to the guid type fails. I just can't seem to get this into string format. Any insight would be appreciated.