A Wildcard OR Search Request May Not Work Properly with Microsoft Metadirectory Services (293779)


The information in this article applies to:

  • Microsoft Metadirectory Services 2.1
  • Microsoft Metadirectory Services 2.2
  • Microsoft Metadirectory Services 2.2 SP1
This article was previously published under Q293779

SYMPTOMS

When you perform a wildcard OR (logical operation) search by means of a Web browser, the second item in the search may be ignored. For example, a Metadirectory Services server may be configured to wildcard hash a "givenName" and an "OR" search with the givenName "Mar* OR Pet*". The search string may resemble: 
ldap://MMSserver:389/ou=Employees,dc=Microsoft,dc=Com??one?(&(|(givenName=mar*)(givenName=ron*))(sn=Doe))
In this example, the following people may be under the Employees organizational unit:
  • Mary Doe
  • Martha Doe
  • Mark Doe
  • Ron Doe
  • Ronald Doe
In the following result from the preceding search request, "Ron" and "Ronald" are missing:
  • Mary Doe
  • Martha Doe
  • Mark Doe
You can change the search string to: 
ldap://MMSserver:389/ou=Employees,dc=Microsoft,dc=Com??one?(&(|(givenName=ron*)(givenName=mar*))(sn=Doe))
In the following result from the second search request, "Mary", "Martha" and "Mark" are missing:
  • Ron Doe
  • Ronald Doe

CAUSE

This problem can occur because the standard "OR" filters are not supported when a wildcard search is requested. The search filter code takes a shortcut when a wildcard character is encountered, and only performs one wildcard hash lookup. If both "Ron*" and "Mar*" are present in the filter, only "Ron*" is searched for.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
Modification Type:MinorLast Reviewed:1/25/2006
Keywords:kbbug kbnofix KB293779
©2004 Microsoft Corporation. All rights reserved.