The Samba-Bugzilla – Bug 6493
Create LDAP referrals on onelevel/subtree searches to subpartitions
Last modified: 2010-02-25 02:53:57 UTC
At the moment we don't honour subtrees on other partitions on search lookups. Only explicit lookups (I think with explicit basedn) find them. Examples: CN=Schema,CN=Configuration,<BASEDN> under CN=Configuration,<BASEDN> and CN=Configuration,<BASEDN> under <BASEDN>.
Is this any different on Windows 2008?
This bug appears to be a feature - indeed, a subtree search (without the search options control) will only search one partition.
The only bug I can see in this area is that in this circumstance, we don't return the head of the next partition (sort of like the mount point) in the results (we should).
Exactly (...return the head of the next partition...) that I wanted to say.
Further tests have shown we should not return the head of the next partition.
Unless you can explain in more detail how we differ, I'll call this invalid
I was too vague with my argumentation.
1.) Take a normal Windows Server AD
2.) Open the domain in a normal LDAP Browser (I use for example LDAP Admin, but also Luma, GQ ... should work) or do a LDAP search
You find a reference to "CN=Configuration" - and if you open it, you find also one to "CN=Schema" -> that means, per default there are some types of referrals generated and returned
Instead, if you open e.g. ADUC you can't find them. I think this behaviour works with a special AD control.
Fixed with my work regarding referrals.