[Samba] LDAP_MATCHING_RULE_IN_CHAIN no longer working after upgrade?
Kees van Vloten
keesvanvloten at gmail.com
Mon Nov 6 14:51:58 UTC 2023
Op 06-11-2023 om 15:40 schreef Jonathan Hunter:
> On Mon, 6 Nov 2023 at 14:32, Kees van Vloten <keesvanvloten at gmail.com> wrote:
>>
>> Op 06-11-2023 om 14:58 schreef Jonathan Hunter:
>>> Interestingly, I've now found that (on my current DCs, running
>>> 4.18.5), ldbsearch *does* seem to return the expected result, but the
>>> same query via ldapsearch does not.
>> What if you try to use starttls instead of ldaps?
>>
>> ldapseach -H ldap://dc2.mydomain.org-ZZ -x -W -D Administrator at mydomain
>> -b "dc=mydomain,dc=org"
>> "(&(objectCategory=Person)(sAMAccountName=*)(memberOf:1.2.840.113556.1.4.1941:=CN=somegroup,OU=someou,DC=mydomain,DC=org))"
> Good thinking. Unfortunately, identical results with ldap:// and -ZZ,
> the search still doesn't return any results :(
>
> I'll figure out a way to script restoration of the domain into
> different samba versions via docker, and use git bisect to track down
> when things changed.
Another thought: you could share your smb.conf, perhaps somebody finds
the culprit, if that's the issue.
> Thanks
>
> Jonathan
More information about the samba
mailing list