On Thu, 2009-09-03 at 19:29 +0200, Emmanuel Lécharny wrote: > joe wrote: > > The characters are specified in the RFC because they have special > > significance in the filter itself. I.E. * means something to the query > > processor and in LDAP filters so you have to signify that you mean the > > actual asterisk character, not the special meaning normally attributes to * > > in a filter. > > > > In a general state, a comma in a filter is fine, but a comma has special > > significance in a DN so you aren't doing it for the filter itself, but for > > the processing of the DN. > > > > Very true. A special case I didn't thought about... > > You can also escape the coma using \2C, like : > > (member=CN=Sturgis\2CGrant,OU=Users-Active,DC=test,DC=loc) > > Should work too. >
Thanks very much for the interesting discussion. It appears the \ is actually a part of the DN, as is the comma - according to the ldap results. I've found that if I escape the escape, and then escape the comma, it works. Unfortunately, I don't think we can modify the Oracle product to do this (or add the ASCII codes, which also work), so we will probably just remove the commas from all the cn (member=CN=Sturgis\\\, Grant,OU=Users-Active,DC=test,DC=loc) This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system.
