[cifs-protocol] [REG:114111212024814] [samba4][MS-ADTS] - LDAP_MATCHING_RULE_TRANSITIVE_EVAL clarification

Bryan Burgin bburgin at microsoft.com
Wed Nov 12 10:32:38 MST 2014

[dochelp to bcc]


Thank you for your question.  We created SR 114111212024814 to track this issue.  An engineer from the Protocols team will contact you soon.


-----Original Message-----
From: Samuel Cabrero [mailto:scabrero at zentyal.com] 
Sent: Wednesday, November 12, 2014 3:45 AM
To: Interoperability Documentation Help
Cc: cifs-protocol at samba.org
Subject: [samba4][MS-ADTS] - LDAP_MATCHING_RULE_TRANSITIVE_EVAL clarification

Dear dochelp team,

I am working on LDAP_MATCHING_RULE_TRANSITIVE_EVAL match rule implementation on samba and I have found that my tests fail against Windows Server 2008 R2 when the attribute value to match specified in the search filter has Object(DN-Binary) syntax, for example:

Search scope: Base
Search base DN: Domain base DN

This filter returns one entry:

This filter does not return any entry:

According to [MS-ADTS] Section I understand that the
Object(DN-Binary) syntax should be handled in the match rule implementation. Should this search return the same entry that the one returned without the extended match?

Best Regards,

Samuel Cabrero - Developer
scabrero at zentyal.com

Zentyal - Active Exchange

More information about the cifs-protocol mailing list