in reply to Net::LDAP problem with wildcard on applied filter

I've come across this kind of behaviour in AD before. It looks like there may be some sort of 'undocumented' feature, examining search filters, and returning a null record set on anything with too broad a scope. managedBy probably doesn't have a medial index, so your search would be insanely slow, so AD returns nothing. There is some information on efficient filtering here

Just to verify that this behaviour originates in AD, you could try doing the same search with ldapsearch from the command line.

You might get better behaviour with (managedBy=cn=Administrator*)

--------------------------------------------------------------

"If there is such a phenomenon as absolute evil, it consists in treating another human being as a thing."
John Brunner, "The Shockwave Rider".

Can you spare 2 minutes to help with my research? If so, please click here

Replies are listed 'Best First'.
Re^2: Net::LDAP problem with wildcard on applied filter
by mellin (Scribe) on Feb 10, 2006 at 10:01 UTC

    Sure, didn't think of that. I'll try with ldapsearch if it returns the same.

[reply]
Re^2: Net::LDAP problem with wildcard on applied filter
by mellin (Scribe) on Feb 10, 2006 at 13:58 UTC

    I'm getting similar results with other ldap tools as well, Microsoft AD returns nothing when trying to search by managedBy attribute. Too bad, because i would really need this functionality.

    Now i need to come up with some other ldap filter, if this doesn't work.

[reply]

In Section Seekers of Perl Wisdom