Please, add support LDAP_SERVER_EXTENDED_DN_OID microsoft extension

[styleex]

It's protocol extension is very useful for query the user with his list of security groups GUID in a single request

More info: https://msdn.microsoft.com/en-us/library/aa366980(v=vs.85).aspx http://ldap3.readthedocs.io/ldap3.protocol.microsoft.html#ldap3.protocol.microsoft.ExtendedDN

[noirello]

I'm planning to add this control, but first I need to configure an Active Directory test environment on AppVeyor which takes time.

Also, I need some insights from you how this control can be used:

• Why is this way better than add the GUID and ObjectSID attributes to the search list?
• The <GUID=xxxxxxxx>;<SID=yyyyyyyyy>;distinguishedName format will break the regex for the LDAPDN object and generally doesn't seem like a good idea to assign the extended format to the LDAPEntry's dn attribute. Would it help if the LDAPEntry objects have a separate readonly extended_dn attribute that would store the extended DN as string?

[styleex]

In my case, I want to get the user list with his list of security groups GUID in a single request (and their GUID). Algoritm without extended_dn control:

1. query the user list with his member_of attribute
2. for each user, for each group in member_of attribute query the guid In result i get very many requests instead of one, what is very critical for me.

I think, what separate extended_dn attribute is the best variant.

[noirello]

I see, didn't think about that one. Thank you, I will look into it as soon as possible.

[noirello]

New set_extended_dn method is added to LDAPClient to set extended dn control in the new release (v0.8.9) which is just published. Please, try it and if you find any bug or have some ideas about improving the module about extended DN feel free to reopen this issue or open a new one.