Novell Home

Decoding LDIF-Formatted Network Addresses

Novell Cool Solutions: Tip
By Peter Kuo

Digg This - Slashdot This

Posted: 1 Mar 2005

The eDirectory LDAP server encodes the values of attributes that use either SYN_NET_ADDRESS or SYN_STREAM syntax, using the Base-64 Content-Transfer-Encoding mechanism (RFC 3548), before sending them to the client. When you query eDirectory for a network address, you get back something that looks like this:

networkAddress:: MSNaBAQE

Running the value through a Base-64 decoder produces 6 bytes of data, 3 bytes of which are none-printable characters. What you need to do is actually look at the decoded information in hexadecimal format:

31 23 5A 04 04 04

The API data structure for SYN_NET_ADDRESS is:

typedef struct
     nuint32 addressType;
     nuint32 addressLength;
     pnuint8 address; 
     } Net_Address_T;

where the first byte indicates the transport protocol type (common values are 0 = IPX, 1 = IP, and 5 = AppleTalk), the second byte is the length of the address, rest contains the address.

0x31 is ASCII character 1, which means the transport type is TCP/IP. 0x23 is the # character, used by the LDAP server as delimiter to separate fields of different data type. Since we know it is an IP address, it follows that the last four bytes are the four octets; converting the hex values into decimal, we get

Therefore, networkAddress:: MSNaBAQE translates into IP address

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.

© Micro Focus