search for: ldap_object

...rrently running at 4.19.2 but I have run 4.18.6 and 4.18.5. I did not experience any issues with nested group lookups, which many of the filters rely on. To query a user's nested groups I use this little script (on the DCs): #!/bin/bash if [[ $# -lt 1 ]]; then ??? echo "Usage: $0 <ldap_object>" ??? echo "??? ldap_object?? name of a computer, user or group" ??? exit 1 fi OBJECT=$1 BASE_DN="DC=$(dnsdomainname | sed 's/\./,DC=/g')" # Use UID instead of sAMAccountName because it does not have the $ ending for computer accounts OBJECT_DN="$(ldbsea...

I'm quite confused by this one, as I can't see how this would happen.. but after upgrading my DCs from 4.11.10 to 4.18.5, LDAP searches don't seem to work if they use the :1.2.840.113556.1.4.1941: modifier, aka LDAP_MATCHING_RULE_IN_CHAIN. (Yes, it was a fairly big version jump.. Yes, I should have upgraded much earlier.. Yes, I know 4.19.x is out now as well) Here's a search that