For retrieving nested user groups, I was using ldap_matching_rule_in_chain. This used to work fine until I came across common names in AD that have a comma in the middle. That is, users have been configured as LastName, First Name.
So, if I have a user-dn such as CN=John Doe, dc=wsa,dc=com, my nested query works fine. However, if I have a user-dn such as CN=John\, Doe,dc=wsa,dc=com, my AD does not return any entries.
Upon doing a packet capture, I observed that in the filter it looks like we are stripping off the \ character from the user-dn. So, the actual filter which reached AD looks like this: Filter: (member:1.2.840.113556.1.4.1941:=CN=John, Doe,CN=Users,DC=wsa,DC=cisco,DC=com)
Can anyone suggest how to handle common names containing a comma while dealing with ldap_matching_rule_in_chain?
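
Added example, not part of the original post: in an LDAP search filter the backslash is itself the escape character (RFC 4515), so a DN placed in a filter value needs its backslash written as \5c or the filter parser consumes it before the DN is compared. The sketch below builds the in-chain filter with that escaping and decodes it back to show the DN that results; the function names are hypothetical and the sample DNs are constructed from the ones in the post.

```python
import re

# OID of LDAP_MATCHING_RULE_IN_CHAIN, as it appears in the captured filter.
IN_CHAIN_OID = "1.2.840.113556.1.4.1941"

# RFC 4515: inside a filter value these bytes must be written as \XX hex pairs.
_MUST_ESCAPE = {0x5C: b"\\5c", 0x2A: b"\\2a", 0x28: b"\\28", 0x29: b"\\29", 0x00: b"\\00"}


def escape_filter_value(value: str) -> str:
    """Escape a string (here a DN) for use as an assertion value in a filter."""
    raw = value.encode("utf-8")
    return b"".join(_MUST_ESCAPE.get(b, bytes([b])) for b in raw).decode("utf-8")


def decode_filter_value(value: str) -> str:
    """Undo RFC 4515 escaping; reject a backslash not followed by two hex digits."""
    raw = value.encode("utf-8")
    if re.search(rb"\\(?![0-9a-fA-F]{2})", raw):
        raise ValueError("backslash not followed by two hex digits")
    return re.sub(rb"\\([0-9a-fA-F]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), raw).decode("utf-8")


def nested_group_filter(user_dn: str) -> str:
    """Build the member-in-chain filter for a user DN (hypothetical helper)."""
    return f"(member:{IN_CHAIN_OID}:={escape_filter_value(user_dn)})"


if __name__ == "__main__":
    # Constructed sample DNs based on the ones in the post.
    for dn in (r"CN=John Doe,dc=wsa,dc=com", r"CN=John\, Doe,dc=wsa,dc=com"):
        flt = nested_group_filter(dn)
        value = flt[flt.index(":=") + 2:-1]
        print("filter sent :", flt)
        print("DN compared :", decode_filter_value(value))
    try:
        # The unescaped DN is not a valid filter value at all.
        decode_filter_value(r"CN=John\, Doe,dc=wsa,dc=com")
    except ValueError as exc:
        print("unescaped DN rejected:", exc)
```

The same escaping also keeps parentheses or asterisks in a user-supplied name from changing the structure of the filter.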