Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
What's the story with these ads on Slashdot? Check out our new blog post to find out. ×
User Journal

Journal neutrino38's Journal: LDAP : The mystery of base 64 encoded entries

I happend to manage an LDAP directory. It contains users with French names. Those names contains accents (you know é è à and so on ...). LDAP has a nice support of this. It encode such entries in UTF-8 and reencode the result in base64 to be compliant with the original LDAP format.

By default, Fedora Directory Server use cn= as the first part of DN. As a result, when a user happend to have an accent in his/her name, it produced a base 64 encoded DN !!!

Example:

dn:: Y249SE/LTCBNaWNoZWwsb3U9cGVvcGxlLG91PXdlYnNvdXJkLG91PWFib25uZXMsZGM9aXZlcyxkYz1mcg==

Yeah. Now, how to we delete, manage such entries ? I spent a lot of time and found the solution:

1- make sure your terminal emuator is configured to handle UTF-8 as char encoding.
2- express the DN directly in UTF-8 to manipulate the entry and NOT in its base64 encoding.

For instance to delete the entry which has the above DN, do not exeute

ldapdelete ': Y249SE/LTCBNaWNoZWwsb3U9cGVvcGxlLG91PXdlYnNvdXJkLG91PWFib25uZXMsZGM9aXZlcyxkYz1mcg=='

but

ldapdelete 'cn=HOËL Michel,ou=people,ou=group,dc=example,dc=com'

I spend so much time on it...

This discussion has been archived. No new comments can be posted.

LDAP : The mystery of base 64 encoded entries

Comments Filter:

"Can you program?" "Well, I'm literate, if that's what you mean!"

Working...