On Wed, Sep 20, 2023 at 12:01:13PM +0000, Andreas Menge wrote: > Hello, > > I???m trying to get some attributes from our AD ldap. Most stuff works fine, > but it seams that OID matching rules are not handled correctly. > > eg. this works: > > ldap search -D ???myuser" -W -H my_host_up -b "OU=User,DC=example,DC=de" > "(&(proxyaddresses=*)(useraccountcontrol=512))??? > > but using the match rule does not work: > > ldap search -D "myuser" -W -H my_host_up -b "OU=User,DC=example,DC=de" > "(&(proxyaddresses=*)(useraccountcontrol:1.2.840.113556.1.4.803:=2))??? > > I also tried to only get all deactivated accounts with this filter: > ???(useraccountcontrol:1.2.840.113556.1.4.803:=2)???. No results. No error > message. But running this filter on our LDAP server works as expected. > > Has anyone an idea what might be wrong? > > Could it be a bug in how ldap(1) handles these matching rules?
ldap(1) doesn't support OIDs in filters.
