[Samba] LDAP_MATCHING_RULE_IN_CHAIN no longer working after upgrade?
Jonathan Hunter
jmhunter1 at gmail.com
Thu Nov 9 23:29:43 UTC 2023
Hi Andrew,
Sorry for the couple of days silence; I've been creating a bash script
to use with 'git bisect' (it's been a little slow in my testing, as
the script compiles each version before testing the query with
ldapsearch, and it takes a little while to re-run when I have been
debugging it)
On Mon, 6 Nov 2023 at 19:30, Andrew Bartlett <abartlet at samba.org> wrote:
> > Op 06-11-2023 om 14:58 schreef Jonathan Hunter:
> > > Interestingly, I've now found that (on my current DCs, running
> > > 4.18.5), ldbsearch *does* seem to return the expected result, but
> > > the
> > > same query via ldapsearch does not.
>
> Just to narrow this down, can you look into ldbsearch -H ldap:// vs
> ldapsearch -H ldap://
>
> This will eliminate some protocol issues between the codebases.
Of course.
As of 4.18.5:
- ldbsearch -H ldap:// - FAIL
- ldbsearch -H sam.ldb - PASS
- ldapsearch -H ldap:// - FAIL
I'm trying my 'git bisect' script overnight but I'm not certain I have
it 100% right yet. If that does fail I can always manually pick a
couple of tags/commits to try individually - you suggested I pick out
the CVE changes from the log, which I'll then do if I can't get 'git
bisect' working in the next couple of days.
Thank you,
Jonathan
More information about the samba
mailing list