Unable to Create User in OID 11g with Non-Leading '#' in RDN Attribute without Escaping the Character. Errors: ldap_add: Invalid DN syntax | ldap_add: additional info: Error in DN Normalization
(Doc ID 1399587.1)
Last updated on FEBRUARY 26, 2019
Applies to:
Oracle Internet Directory - Version 11.1.1 and laterInformation in this document applies to any platform.
Symptoms
Unable to create an user with non-leading '#' in RDN attribute without escaping the character, however the Oracle's documentation explains that this should be possible according to RFC 4514
Example:
$ ldapadd -p port -D cn=orcladmin -w passwd -f user.ldif
adding new entry cn=Firstname.Lastname#,cn=users,dc=company,dc=com
ldap_add: Invalid DN syntax
ldap_add: additional info: Error in DN Normalization.
sample ldif file:
----------------
dn: cn=Firstname.Lastname#,cn=users,dc=company,dc=com
cn: Firstname.Lastname#
sn: Firstname.Lastname#
objectclass: top
objectclass: person
objectclass: inetorgperson
objectclass: organizationalPerson
objectclass: orcluser
objectclass: orcluserv2
userpassword: <PASSWORD>
Oracle's documentation explains that OID 11g supports the RFC 4514 "String Representation of Distinguished Names" and from RFC pages we can see the following:
Appendix B. Changes Made since RFC 2253:
Updated the Section 3 ABNF. Changes include:
+ did not require escaping of non-leading number sign ('#' U+0023) characters
For additional information see:
Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory 11g Release 1 (11.1.1)
Appendix N - RFCs Supported by Oracle Internet Directory
Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names RFC 4514
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |