protected function validateAndGetGroupSID($name)
{
$query = new LdapQueryBuilder($this->getLdapConnection());
$query->select('objectSid')->where(['objectClass' => 'group', 'cn' => $name]);
// Only validate group group membership on modification.
if ($this->getOperationType() == AttributeConverterInterface::TYPE_MODIFY) {
$query->andWhere(['member' => $this->getDn()]);
}
try {
return $query->andWhere($query->filter()->bitwiseAnd('groupType', GroupTypeFlags::SECURITY_ENABLED))->getLdapQuery()->getSingleScalarResult();
} catch (EmptyResultException $e) {
throw new AttributeConverterException(sprintf('Either the group "%s" doesn\'t exist, the user with DN "%s" is not a member of the group, the group' . ' is not a security group, or this group is already their primary group.', $name, $this->getDn()));
}
}
