3816 – Search Active Directory relies on odd semantics

Bug 3816 - Search Active Directory relies on odd semantics

Summary: Search Active Directory relies on odd semantics

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.0
Classification:	Unclassified
Component:	Other (show other bugs)
Version:	unspecified
Hardware:	All Windows XP

Importance:	P3 trivial (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Andrew Bartlett

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-05-31 23:39 UTC by Aaron J. Angel
Modified:	2007-07-17 00:16 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Aaron J. Angel 2006-05-31 23:39:05 UTC

This is in reference to the search application that is run when you click the "Search Active Directory" link in My Network Places.  Searching a Samba 4 AD yields 0 results, always.

Running Ethereal while attempting a search for a user shows that the search uses the following filter in the LDAP query:

(&(!(showInAdvancedViewOnly=TRUE))(|(&(objectCategory=person)(objectSid=*)(!(samAccountType:1.2.840.113556.1.4.804:3)))(&(objectCategory=person)(!(objectSid=*)))(&(objectCategory=group)(groupType:1.2.840.113556.1.4.804:14))))

Of note:  objectCategory is, of course, syntactically a DN.  Apparently AD allows the query filter to be a string containing just the CN of the object category, which Samba 4 doesn't yet do.

Comment 1 Andrew Bartlett 2007-07-17 00:16:51 UTC

We now support this query format.  

Can you retest with current SVN?