git.samba.org - metze/samba/wip.git/commit

author	Stefan Metzmacher <metze@samba.org>
	Tue, 22 Oct 2019 10:12:32 +0000 (12:12 +0200)
committer	Andrew Bartlett <abartlet@samba.org>
	Thu, 24 Oct 2019 09:46:28 +0000 (09:46 +0000)
commit	6d43d82b49c8cd47da2f1489fe8b52d5a873a19c
tree	17b08f868593f26aac9ae544efffadd9fc82e9c7	tree
parent	9471508391fd3bcf199b1e94f8d9ee2b956e8f8e	commit \| diff

s4:tests/dirsync: add tests for dirsync with extended_dn

This demonstrates a problems that the extended_dn returned
by the dirsync module always uses the SDDL format for GUID/SID
components.

Azure AD connect reports discovery errors:
reference-value-not-ldap-conformant
for attributes member and manager.
The key is that it sends the LDAP_SERVER_EXTENDED_DN_OID without
an ExtendedDNRequestValue blob, which means the flag value should
be treated as 0 and the HEX string format should be used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14153

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

selftest/knownfail.d/dirsync_extended_dn	[new file with mode: 0644]	blob
source4/dsdb/tests/python/dirsync.py		diff \| blob \| history