After commit 0776ce5caedf18aa8cc1d1dddb1a425f3d0c926c (bug 15270), one of my production LDAP queries using LDAP_MATCHING_RULE_IN_CHAIN has stopped working.

The same query using ldbsearch against sam.ldb works OK, but when the search is carried out using LDAP (either with ldbsearch or ldapsearch) it returns no results.

Example search that now returns nothing after my DC upgrades; this
exact search used to work just fine:
(&
    (objectCategory=Person)
    (sAMAccountName=*)
    (memberOf:1.2.840.113556.1.4.1941:=CN=somegroup,OU=someou,DC=mydomain,DC=org)
)

But if I remove the matching rule specifier, it does return a number of results:
(&
    (objectCategory=Person)
    (sAMAccountName=*)
    (memberOf=CN=somegroup,OU=someou,DC=mydomain,DC=org)
)