[cifs-protocol] show-recycled and show-deleted LDAP controls

Edgar Olougouna edgaro at microsoft.com
Wed Feb 16 23:30:43 MST 2011 

Matthieu,

The LDAP_SERVER_SHOW_DELETED_OID (section 3.1.1.3.4.1.14) control is used with an LDAP operation to specify that tombstones and deleted-objects are visible to the operation.
The LDAP_SERVER_SHOW_RECYCLED_OID is used with an LDAP operation to specify that tombstones, deleted-objects, and recycled-objects are visible to the operation.
When the LDAP_SERVER_SHOW_RECYCLED_OID (section 3.1.1.3.4.1.26) control is used with an LDAP search operation, the search results include any tombstones, deleted-objects, or recycled-objects that match the search filter. 
The above controls specify respectively which subset of objects is visible to the search, the results will simply match the filter, in your trace Filter: (isDeleted=TRUE).

Also I wanted to double check that your forest functional level is Windows Server 2008 R2. This is required prior to enabling the Recycle Bin optional feature, which in turn is required for recycled objects functionality.

MS-ADTS 3.1.1.8.1 Recycle Bin Optional Feature
The Recycle Bin optional feature requires a Forest Functional Level of DS_BEHAVIOR_WIN2008R2 or greater.

When the Recycle Bin optional feature is enabled, object deletion is performed in three stages.
Stage 1. Active object transformed into a deleted object (isDeleted=TRUE).
Stage 2. Deleted object transformed into a recycled object (after deleted-object lifetime, isRecycled=TRUE).
Stage 3. Recycled object is garbage collected (after tombstone lifetime).

Let me know whether this helps.

Regards,
Edgar

-----Original Message-----
From: Matthieu Patou [mailto:mat at samba.org] 
Sent: Wednesday, February 16, 2011 1:06 AM
To: Edgar Olougouna
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: Re: show-recycled and show-deleted LDAP controls

Hello Edgar,

> Matthieu,
>
> In the network trace, both LDAP Search requests in packet 20 
> (LDAP_SERVER_SHOW_RECYCLED_OID ) and 42 (LDAP_SERVER_SHOW_RECYCLED_OID 
> )
For packet 42 it's show deleted control unless I'm misunderstanding.
> have Filter: (isDeleted=TRUE). Because of this filter, all search result entries (packets 21 and 43) have isDeleted=TRUE, but not all of them have isRecycled present.
Sure, but what is worth noting and what was my question is why when you only specify the the show deleted you have also the recycled as it's the case in packet 43.
> The show-recycled or show-deleted LDAP controls define the objects that are visible to the operation. Then the filter is applied to those objects to get the search results.
> In order to retrieve only recycled objects, I presume you need:
>    + Filter: (isRecycled=TRUE)
>    + ControlType: 1.2.840.113556.1.4.2064 
> (LDAP_SERVER_SHOW_RECYCLED_OID)
Why not but can you explain me why if I specify just
1.2.840.113556.1.4.417 (LDAP_SERVER_SHOW_DELETED_OID) I have potentially entries that are recycled and those who are not.

I would expect the following logic:

1) no recycled or deleted control => return objects that comply to the filter and have (isDeleted != True or isRecycled != True)
2) show deleted control =>return objects that comply to the filter and have  isRecycled != True
3) show recycled control =>return objects that comply to the filter


Can you check ?

Regards.

Matthieu.

> -----Original Message-----
> From: Edgar Olougouna
> Sent: Friday, February 04, 2011 5:21 PM
> To: 'mat at samba.org'; pfif at tridgell.net; cifs-protocol at samba.org
> Subject: RE: show-recycled and show-deleted LDAP controls
>
> Matthieu,
>
> I am taking care of this and will update you as soon I complete my research.
>
> Regards,
> Edgar
>
> -----Original Message-----
> From: Matthieu Patou [mailto:mat at samba.org]
> Sent: Friday, February 04, 2011 5:13 AM
> To: pfif at tridgell.net; Interoperability Documentation Help; 
> cifs-protocol at samba.org
> Subject: show-recycled and show-deleted LDAP controls
>
> Dear dochelp team,
>
> While making some tests with Windows 2008R2 I found something strange:
>
> I get the same results if I provide the show-recycled OID
> 1.2.840.113556.1.4.2064 or the show-deleted OID 1.2.840.113556.1.4.417.
>
> I would expect the first one to return the object that are recycled and deleted and the second one just the one that are deleted (so with isRecycled=No or without attribute isRecycled).
>
> Find attached a capture between my computer and the server with both controls.
>
> Can you explain me what I'm getting wrong ?
>
>
> --
> Matthieu Patou
> Samba Team        http://samba.org
> Private repo      http://git.samba.org/?p=mat/samba.git;a=summary
>
>


--
Matthieu Patou
Samba Team        http://samba.org
Private repo      http://git.samba.org/?p=mat/samba.git;a=summary

More information about the cifs-protocol mailing list