Bug 3816 - Search Active Directory relies on odd semantics
Search Active Directory relies on odd semantics
Status: RESOLVED FIXED
Product: Samba 4.0
Classification: Unclassified
Component: Other
unspecified
All Windows XP
: P3 trivial
: ---
Assigned To: Andrew Bartlett
Andrew Bartlett
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-31 23:39 UTC by Aaron J. Angel
Modified: 2007-07-17 00:16 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Aaron J. Angel 2006-05-31 23:39:05 UTC
This is in reference to the search application that is run when you click the "Search Active Directory" link in My Network Places.  Searching a Samba 4 AD yields 0 results, always.

Running Ethereal while attempting a search for a user shows that the search uses the following filter in the LDAP query:

(&(!(showInAdvancedViewOnly=TRUE))(|(&(objectCategory=person)(objectSid=*)(!(samAccountType:1.2.840.113556.1.4.804:3)))(&(objectCategory=person)(!(objectSid=*)))(&(objectCategory=group)(groupType:1.2.840.113556.1.4.804:14))))

Of note:  objectCategory is, of course, syntactically a DN.  Apparently AD allows the query filter to be a string containing just the CN of the object category, which Samba 4 doesn't yet do.
Comment 1 Andrew Bartlett 2007-07-17 00:16:51 UTC
We now support this query format.  

Can you retest with current SVN?