Escape ldap dn in DirectoryEntry

0

I'm trying to get DirectoryEntry from OpenLDAP server for a dn that looks like "LDAP://server/cn=John Smith+sn=Smith,ou=people,dc=corp,dc=org":

> New-Object "LDAP://server/cn=John Smith+sn=Smith,ou=people,dc=corp,dc=org", "user", "pass", "FastBind"

It returns error 0x80005000, which, I assume means that some characters in dn are not escaped. (For any dn that do not contains '+sn=' this code works fine)

Documentation states, that special characters should be escaped, but escaping dn in any way:

  • LDAP://server/cn=John Smith\+sn\=Smith,ou=people,dc=corp,dc=org
  • LDAP://server/cn=John Smith\+sn=Smith,ou=people,dc=corp,dc=org
  • LDAP://server/cn=John Smith\2Bsn\3DSmith,ou=people,dc=corp,dc=org
  • LDAP://server/cn=John Smith,ou=people,dc=corp,dc=org

Yields "There is no such object on the server".

Furthermore, parent ou don't list any children with '+sn=' substring in dn, but DirectorySearcher for specific filter, like '(cn=John Smith)', return correct result.

> $ent = New-Object "LDAP://server/ou=people,dc=corp,dc=org", "user", "pass", "FastBind"
> $ent.Children
.... 
everything, except Jonh Smith
....
> Search-ldap "(cn=John Smith)"
Path                                              Properties
----                                              ----------
LDAP://server/cn=John Smith+sn=Smith,ou=peopl...  {sambapwdlastset, telephonenumber, sn...}

LDAP Browser (based, as I assume, on dotNet LDAP component) also don't display this entry in parent ou.

So, is there any method to correctly escape dn like this?

UPDATE

Java clients work fine, wireshark shows that java sends unescaped string to get object, and dotNet sends escaped string and gets nothing.

Is it possible to escape string or reconfigure openldap server to accept escaped string?

.net
ldap
openldap
asked on Stack Overflow Feb 10, 2014 by Somescout • edited May 23, 2014 by Somescout

1 Answer

0

For Windows8 (and Server2012), there's a Hotfix from Microsoft. http://support.microsoft.com/kb/2802148

answered on Stack Overflow Feb 27, 2014 by grunge

User contributions licensed under CC BY-SA 3.0