[cifs-protocol] [REG:114111212024814] [samba4][MS-ADTS] 3.1.1.3.4.4.3 - LDAP_MATCHING_RULE_TRANSITIVE_EVAL clarification
Bryan Burgin
bburgin at microsoft.com
Wed Nov 12 10:32:38 MST 2014
[dochelp to bcc]
[+casemail]
Samuel,
Thank you for your question. We created SR 114111212024814 to track this issue. An engineer from the Protocols team will contact you soon.
Bryan
-----Original Message-----
From: Samuel Cabrero [mailto:scabrero at zentyal.com]
Sent: Wednesday, November 12, 2014 3:45 AM
To: Interoperability Documentation Help
Cc: cifs-protocol at samba.org
Subject: [samba4][MS-ADTS] 3.1.1.3.4.4.3 - LDAP_MATCHING_RULE_TRANSITIVE_EVAL clarification
Dear dochelp team,
I am working on LDAP_MATCHING_RULE_TRANSITIVE_EVAL match rule implementation on samba and I have found that my tests fail against Windows Server 2008 R2 when the attribute value to match specified in the search filter has Object(DN-Binary) syntax, for example:
Search scope: Base
Search base DN: Domain base DN
This filter returns one entry:
wellKnownObjects=B:32:aa312825768811d1aded00c04fd8d5cd:CN=computers,<base
DN>
This filter does not return any entry:
wellKnownObjects:1.2.840.113556.1.4.1941:=B:32:aa312825768811d1aded00c04fd8d5cd:CN=computers,<base
DN>
According to [MS-ADTS] Section 3.1.1.3.4.4.3 I understand that the
Object(DN-Binary) syntax should be handled in the match rule implementation. Should this search return the same entry that the one returned without the extended match?
Best Regards,
--
Samuel Cabrero - Developer
scabrero at zentyal.com
Zentyal - Active Exchange
www.zentyal.com
More information about the cifs-protocol
mailing list