[cifs-protocol] show-recycled and show-deleted LDAP controls

Edgar Olougouna edgaro at microsoft.com
Tue Feb 15 22:17:34 MST 2011 

Matthieu,

In the network trace, both LDAP Search requests in packet 20 (LDAP_SERVER_SHOW_RECYCLED_OID ) and 42 (LDAP_SERVER_SHOW_RECYCLED_OID ) have Filter: (isDeleted=TRUE). Because of this filter, all search result entries (packets 21 and 43) have isDeleted=TRUE, but not all of them have isRecycled present.

The show-recycled or show-deleted LDAP controls define the objects that are visible to the operation. Then the filter is applied to those objects to get the search results. 
In order to retrieve only recycled objects, I presume you need:
  + Filter: (isRecycled=TRUE) 
  + ControlType: 1.2.840.113556.1.4.2064 (LDAP_SERVER_SHOW_RECYCLED_OID)

Per MS-ADTS Section 3.1.1.1.6, when the Recycle Bin optional feature is enabled, object deletion is performed in three stages.
Stage 1. Active object transformed into a deleted object.
Stage 2. Deleted object transformed into a recycled object (after deleted-object lifetime).
Stage 3. Recycled object is garbage collected (after tombstone lifetime).

Generally, when an object has isRecycled = TRUE, it has gone through isDeleted = TRUE. 

References:
3.1.1.1.5.1 Tombstone Lifetime and Deleted-Object Lifetime
3.1.1.1.6   Attribute Syntaxes, Object References, Referential Integrity, and Well-Known Objects
3.1.1.3.4.1.14 LDAP_SERVER_SHOW_DELETED_OID
3.1.1.3.4.1.26 LDAP_SERVER_SHOW_RECYCLED_OID

Let me know whether this helps.

Regards,
Edgar

-----Original Message-----
From: Edgar Olougouna 
Sent: Friday, February 04, 2011 5:21 PM
To: 'mat at samba.org'; pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: show-recycled and show-deleted LDAP controls

Matthieu,

I am taking care of this and will update you as soon I complete my research.

Regards,
Edgar

-----Original Message-----
From: Matthieu Patou [mailto:mat at samba.org] 
Sent: Friday, February 04, 2011 5:13 AM
To: pfif at tridgell.net; Interoperability Documentation Help; cifs-protocol at samba.org
Subject: show-recycled and show-deleted LDAP controls

Dear dochelp team,

While making some tests with Windows 2008R2 I found something strange:

I get the same results if I provide the show-recycled OID
1.2.840.113556.1.4.2064 or the show-deleted OID 1.2.840.113556.1.4.417.

I would expect the first one to return the object that are recycled and deleted and the second one just the one that are deleted (so with isRecycled=No or without attribute isRecycled).

Find attached a capture between my computer and the server with both controls.

Can you explain me what I'm getting wrong ?


--
Matthieu Patou
Samba Team        http://samba.org
Private repo      http://git.samba.org/?p=mat/samba.git;a=summary

More information about the cifs-protocol mailing list