[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8749) Proxy: LDAP-querry doesn't work for e.g (userAccountControl:1.2.840.113556.1.4.803:=2)

Full_Name: Steffen Krahl
Version: 2.4-2
OS: Ubuntu 16.04.3 LTS
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

I'm using OpenLDAP with LDAP-backend as proxy for ActiveDirectory
It's working well so far, only LDAP-queries which should exclude deactivated
users don't work. It seems slapd does not accept queries like

in particular (&(sAMAccountType=805306368)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
fails due to the part ":1.2.840.113556.1.4.803:". The query itself works fine
for ActiveDirectory itself.

to make blind test: (userAccountControl:1.2.840.113556.1.4.803:=2) will not get
any object back (but should)

I'm quite new to OpenLDAP, but it seems an issue.

performing upper query gets:
Oct  1 00:45:33 nxld01 slapd[3002]: str2filter "(&(sAMAccountType=
Oct  1 00:45:33 nxld01 kernel: [49436.933735] slapd[3005]: segfault at 18 ip
00007ff4f783d512 sp 00007ff4f1afc810 error 4 in

performing the following query
will get following log wntry:
Oct  1 00:49:07 nxld01 slapd[3033]: str2filter

seems a little bit strange