Decode DN-binary attribute in AD using PowerShell

Trying to see if anyone has succeeded in pulling this from PowerShell… There is a constructed attribute for a read-only domain controller, msds-revealedusers, which contains details about the accounts cached on it. See the command below:

Get-ADComputer Readonlydomaincontrollername -Server NAMEOFDOMAIN -Properties msds-revealedusers | select -ExpandProperty msds-revealedusers

It's binary data, but I'm trying to convert it into a readable value, as you see in the GUI in ADUC for the read-only domain controller…

B:96:A00009001B0000004DCAD20F03000000F6781F56E3FEDD48818E932B355D4113CF836322000000009F4FAC1C00000000:CN=USERNAMEOU=OU1,OU=DC,OU=WHATEVER,OU=WHENEVER,DC=DC,DC=DOMAIN,DC=com

Above is the data you get out with PowerShell, but the actual values via the GUI should be something with the lmpwdhistory, ntpwdhistory, etc.

https://msdn.microsoft.com/en-us/library/dd240133.aspx

something about it
https://technet.microsoft.com/en-us/library/cc753459(v=ws.10).aspx
https://msdn.microsoft.com/en-us/library/cc223411.aspx
and finally
http://www.frickelsoft.net/blog/?p=248

Sorry, I don't have an RODC to try :)

I found more and more about it, but no way or knowledge of how to decode this. ADFIND is the only tool which can decode this as of now…

Searching more and more, this is “an octet string that contains a binary value and a distinguished name (DN)”.

Yes, I saw the frickelsoft thing as well as the adfind stuff to decode… I really, really wish there was a way to do this from PowerShell and read the stuff…

found some more interesting stuff about this…

https://books.google.com/books?id=kGApqjobEfsC&pg=PA222&dq=object(dn-binary)+conversion+to+string&hl=en&sa=X&ved=0ahUKEwjpmKCOt8jWAhWowVQKHQWQDV8Q6AEIKDAA#v=onepage&q=object(dn-binary)%20conversion%20to%20string&f=false
dn-with binary
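
Added example, not part of the original thread and not code from any poster: PowerShell that splits the `B:<count>:<hex>:<DN>` string form quoted above and decodes the 48-byte binary part for auditing what an RODC has cached. The field layout (attribute ID, version, change time, originating DSA GUID, two USNs) and the attribute ID table are assumptions the thread does not confirm, and the function names are hypothetical.

```powershell
# Assumed attribute IDs (not stated in the thread) for the secrets an RODC caches.
$AttIdNames = @{
    0x90037 = 'dBCSPwd';      0x9005A = 'unicodePwd'
    0x9005E = 'ntPwdHistory'; 0x900A0 = 'lmPwdHistory'
    0x9007D = 'supplementalCredentials'
}

function ConvertFrom-DnBinary {
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Value)
    process {
        # String form of Object(DN-Binary): B:<hex char count>:<hex>:<DN>.
        # Split into at most 4 parts so any ':' inside the DN is preserved.
        $p = $Value -split ':', 4
        if ($p.Count -ne 4 -or $p[0] -ne 'B') { throw "Not a DN-Binary value: $Value" }
        $hex = $p[2]
        if ($hex.Length -ne [int]$p[1] -or $hex.Length % 2) {
            throw 'Hex length does not match the declared character count'
        }
        $bytes = New-Object byte[] ($hex.Length / 2)
        for ($i = 0; $i -lt $bytes.Length; $i++) {
            $bytes[$i] = [Convert]::ToByte($hex.Substring($i * 2, 2), 16)
        }
        [pscustomobject]@{ DN = $p[3]; Bytes = $bytes }
    }
}

function ConvertFrom-RevealedUser {
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Value)
    process {
        $v = ConvertFrom-DnBinary $Value
        $b = $v.Bytes
        if ($b.Length -ne 48) { throw "Expected 48 bytes, got $($b.Length)" }
        $attId = [BitConverter]::ToInt32($b, 0)      # little-endian attribute ID
        [pscustomobject]@{
            User           = $v.DN
            Attribute      = if ($AttIdNames.ContainsKey($attId)) { $AttIdNames[$attId] } else { '0x{0:X}' -f $attId }
            Version        = [BitConverter]::ToUInt32($b, 4)
            # Assumed: seconds since 1601-01-01 UTC, converted to FILETIME ticks
            ChangedUtc     = [DateTime]::FromFileTimeUtc([BitConverter]::ToInt64($b, 8) * 10000000)
            OriginatingDsa = [Guid]::new([byte[]]$b[16..31])
            OriginatingUsn = [BitConverter]::ToInt64($b, 32)
            LocalUsn       = [BitConverter]::ToInt64($b, 40)
        }
    }
}

# Value exactly as posted in the thread (placeholder DN left untouched).
'B:96:A00009001B0000004DCAD20F03000000F6781F56E3FEDD48818E932B355D4113CF836322000000009F4FAC1C00000000:CN=USERNAMEOU=OU1,OU=DC,OU=WHATEVER,OU=WHENEVER,DC=DC,DC=DOMAIN,DC=com' |
    ConvertFrom-RevealedUser
```

The output of the `Get-ADComputer … | select -ExpandProperty msds-revealedusers` command from the first post can be piped into `ConvertFrom-RevealedUser` in the same way.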