[Samba] LDAP_MATCHING_RULE_IN_CHAIN no longer working after upgrade?
Jonathan Hunter
jmhunter1 at gmail.com
Mon Nov 6 14:40:18 UTC 2023
On Mon, 6 Nov 2023 at 14:32, Kees van Vloten <keesvanvloten at gmail.com> wrote:
>
>
> Op 06-11-2023 om 14:58 schreef Jonathan Hunter:
> > Interestingly, I've now found that (on my current DCs, running
> > 4.18.5), ldbsearch *does* seem to return the expected result, but the
> > same query via ldapsearch does not.
>
> What if you try to use starttls instead of ldaps?
>
> ldapseach -H ldap://dc2.mydomain.org-ZZ -x -W -D Administrator at mydomain
> -b "dc=mydomain,dc=org"
> "(&(objectCategory=Person)(sAMAccountName=*)(memberOf:1.2.840.113556.1.4.1941:=CN=somegroup,OU=someou,DC=mydomain,DC=org))"
Good thinking. Unfortunately, identical results with ldap:// and -ZZ,
the search still doesn't return any results :(
I'll figure out a way to script restoration of the domain into
different samba versions via docker, and use git bisect to track down
when things changed.
Thanks
Jonathan
More information about the samba
mailing list