When using custom LDAP attributes, Samba seems to recognize the searchFlags confidential flag on custom attributes and hides them from all non-admin users. However, the values of the attributes can still be guessed efficiently by brute forcing them one character after another in a wildcard search query.
Created samba tracking bugs for this issue:
Affects: fedora-all [bug 1617911]
Name: Phillip Kuhrt (the Samba project)
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):