Hello devs, It would appear that the MS LDAP SDK has an issue when Apache is compiled against it.
Our Apache 2.2.9 compiled with VC6 on Windows against the MS LDAP SDK seems to have an issue when searching for a DN that contains multibyte characters (non ascii), in this case a Chinese character. The ldap_search_ext_s(...) from util_ldap.c returns with a USER_NOT_FOUND. For example, assuming a user exists in LDAP with a UID=testMBUser with a DN: cn=t我st,cn=test,ou=test1,ou=people,cn=myLdapBranch,cn=TestEnvironment,o=testerGroup The end node of cn= is the value of "t(multi-byte chinese character 'wo')st". When searching for this user the search fails. I adding some additional log output during a test compile to check the DN that is getting used/returned in util_ldap.c of Apache after the MS LDAP SDK call to ldap_search_ext_s(...). It seems to be returning a DN that gets output as cn=t?st,cn=test,ou=test1... The multi-byte character is getting returned as a ?. This seems to be further supported by doing a TCP/IP capture (with WireShark) that shows the connection is initially bound to LDAP with the correct DN (the mutli-byte character is shown in the capture), however, the search for the user later on in the capture appears to be using the ? For the multi-byte character. Apache is compiled to support unicode by default from what I can tell. A look at the ldap_search_ext_s API (http://msdn.microsoft.com/en-us/library/aa366972(VS.85).aspx) says that the function is a wrapper around ldap_search_ext_sW (Unicode) and ldap_search_ext_sA (ANSI) calls. For what it's worth I also did try using the ldap_search_ext_sW call directy inside the uldap_cache_checkuserid function but that resulted in a filter error. Has anyone experienced this before or is aware of some hidden MS LDAP SDK flag that one can set. Dan Stusynski
