4 objectClass: domainRelatedObject
6 associatedDomain: example.com
8 dn: ou=LDAPv3,dc=example,dc=com
9 objectClass: organizationalUnit
11 description: RFC 2253 compliant DN string representation
13 dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com
14 objectClass: groupOfNames
16 # at least one member must be present; thus we use the entry's DN
17 member: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com
20 member: UID=jsmith,DC=example,DC=net
21 member: OU=Sales+CN=J. Smith,DC=example,DC=net
22 member: CN=John Smith\, III,DC=example,DC=net
23 member: OU=Sales\; Data\+Algorithms,DC=example,DC=net
24 member: CN=Before\0dAfter,DC=example,DC=net
25 member: CN=\23John Smith\20,DC=example,DC=net
26 member: CN=Lu\C4\8Di\C4\87
27 # DN forms already defined as "member" in a different string representation
28 seeAlso: CN=John Smith\2C III,DC=example,DC=net
29 seeAlso: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net
30 seeAlso: CN=\#John Smith\ ,DC=example,DC=net
32 description: "member" values contain specific DN forms;
33 description: "seeAlso" values contain DN forms already defined as "member",
34 description: but in a different string representation;
35 description: the following "description" values contain the "member" and
36 description: "seeAlso" DN string representations used above.
37 # list here all string representations used above in "member" and "seeAlso"
39 description: UID=jsmith,DC=example,DC=net
40 description: OU=Sales+CN=J. Smith,DC=example,DC=net
41 description: CN=John Smith\, III,DC=example,DC=net
42 description: CN=John Smith\2C III,DC=example,DC=net
43 description: OU=Sales\; Data\+Algorithms,DC=example,DC=net
44 description: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net
45 description: CN=Before\0dAfter,DC=example,DC=net
46 description: CN=\23John Smith\20,DC=example,DC=net
47 description: CN=\#John Smith\ ,DC=example,DC=net
48 description: CN=Lu\C4\8Di\C4\87
50 dn: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com
51 objectClass: groupOfNames
53 member: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com
54 member: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com
56 description: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com
59 dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
60 objectClass: groupOfNames
62 member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com
63 member: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com
64 description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com // unescaped EQUALS
66 dn: cn=Must Fail 1,ou=Groups,dc=example,dc=com
67 objectClass: groupOfNames
69 member: uid;x-option=jsmith
70 description: uid;x-option=jsmith // option
72 dn: cn=Must Fail 2,ou=Groups,dc=example,dc=com
73 objectClass: groupOfNames
76 description: at_tr=jsmith // invalid attribute type name
78 dn: cn=Must Fail 3,ou=Groups,dc=example,dc=com
79 objectClass: groupOfNames
82 description: -attr=jsmith // invalid attribute type name
84 dn: cn=Must Fail 4,ou=Groups,dc=example,dc=com
85 objectClass: groupOfNames
88 dn: cn=Must Fail 5,ou=Groups,dc=example,dc=com
89 objectClass: groupOfNames
92 description: 1..1=jsmith // invalid numeric OID
94 dn: cn=Must Fail 6,ou=Groups,dc=example,dc=com
95 objectClass: groupOfNames
98 description: 1.1.=jsmith // invalid numeric OID
100 dn: cn=Must Fail 7,ou=Groups,dc=example,dc=com
101 objectClass: groupOfNames
104 description: 01.1=jsmith // invalid numeric OID
106 dn: cn=Must Fail 8,ou=Groups,dc=example,dc=com
107 objectClass: groupOfNames
110 description: 1.ff=jsmith // invalid numeric OID
112 dn: cn=Must Fail 9,ou=Groups,dc=example,dc=com
113 objectClass: groupOfNames
116 description: 1.1.1=#GG // invalid HEX form
118 dn: cn=Must Fail 10,ou=Groups,dc=example,dc=com
119 objectClass: groupOfNames
122 description: 1.1.1=#000 // invalid HEX form
124 dn: cn=Must Fail 11,ou=Groups,dc=example,dc=com
125 objectClass: groupOfNames
128 description: 1.1.1=#F // invalid HEX form
130 dn: cn=Must Fail 12,ou=Groups,dc=example,dc=com
131 objectClass: groupOfNames
134 description: 1.1.1=# // invalid HEX form
136 dn: cn=Must Fail 13,ou=Groups,dc=example,dc=com
137 objectClass: groupOfNames
139 member: UID=jsmith,,DC=example,DC=net
140 description: UID=jsmith,,DC=example,DC=net // extra comma
142 dn: cn=Must Fail 14,ou=Groups,dc=example,dc=com
143 objectClass: groupOfNames
145 member: UID=john,smith
146 description: UID=john,smith // unescaped ,
148 dn: cn=Must Fail 15,ou=Groups,dc=example,dc=com
149 objectClass: groupOfNames
151 member: UID=john+smith
152 description: UID=john+smith // unescaped +
154 dn: cn=Must Fail 16,ou=Groups,dc=example,dc=com
155 objectClass: groupOfNames
157 member: UID=john\?smith
158 description: UID=john\?smith // invalid escape of ? or unescaped \
160 dn: cn=Must Fail 17,ou=Groups,dc=example,dc=com
161 objectClass: groupOfNames
163 member: UID=john\Fsmith
164 description: UID=john\Fsmith // invalid HEX escape
166 dn: cn=Must Fail 18,ou=Groups,dc=example,dc=com
167 objectClass: groupOfNames
169 member: UID=john\GGsmith
170 description: UID=john\GGsmith // invalid HEX escape
172 # String representations we should accept for compatibility with RFC1779
173 dn: ou=LDAPv2,dc=example,dc=com
174 objectClass: organizationalUnit
176 description: RFC 1779 compliant DN string representation
178 dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com
179 objectClass: groupOfNames
182 description: " " // space, quote characters (") are not part of the string
184 dn: cn=May Succeed 2,ou=LDAPv2,dc=example,dc=com
185 objectClass: groupOfNames
187 member: OID.0.9.2342.19200300.100.1.1=jsmith
188 description: OID.0.9.2342.19200300.100.1.1=jsmith // invalid attribute type name
190 dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com
191 objectClass: groupOfNames
193 member: UID=jsmith, O=example, C=US
194 description: UID=jsmith, O=example, C=US // spaces
196 dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com
197 objectClass: groupOfNames
199 member: UID=jsmith;O=example;C=US
200 description: UID=jsmith;O=example;C=US // semi-colons
202 dn: cn=May Succeed 5,ou=LDAPv2,dc=example,dc=com
203 objectClass: groupOfNames
205 member: <UID=jsmith,O=example,C=US>
206 description: <UID=jsmith,O=example,C=US> // brackets
208 dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com
209 objectClass: groupOfNames
211 member: CN="John Smith",O=example,C=US
212 description: CN="John Smith",O=example,C=US // quotes
214 # Other DN-related syntaxes
215 dn: ou=Related Syntaxes,dc=example,dc=com
216 objectClass: organizationalUnit
219 # Name and Optional UID
220 dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
221 objectClass: groupOfUniqueNames
222 cn: Name and Optional UID
223 uniqueMember: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
225 uniqueMember: #'0010'B
226 uniqueMember: dc=example,dc=com#'1000'B
227 uniqueMember: dc=example,dc=com#'0'B
228 description: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com // only DN portion
229 description: #'1'B // empty "" DN
230 description: #'0010'B // empty "" DN with leading '0's
231 description: dc=example,dc=com#'1000'B // with DN portion
232 description: dc=example,dc=com#'0'B // with DN portion and just one '0'
234 dn: cn=Should Fail 1,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
235 objectClass: groupOfUniqueNames
237 uniqueMember: #'1234'B
238 description: #'1234'B // illegal digits other than '0' and '1'
240 dn: cn=Should Fail 2,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
241 objectClass: groupOfUniqueNames
243 uniqueMember: #'12ABCD'B
244 description: #'12ABCD'B // illegal digits and chars other than '0' and '1'
246 dn: cn=Should Parse as DN,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com
247 objectClass: groupOfUniqueNames
248 cn: Should Parse as DN
249 uniqueMember: dc=example,dc=com#0'B
250 uniqueMember: dc=example,dc=com#'0B
251 uniqueMember: dc=example,dc=com '0'B
252 description: dc=example,dc=com#0'B // malformed UID?
253 description: dc=example,dc=com#'0B // malformed UID?
254 description: dc=example,dc=com '0'B // malformed UID?
256 # UID=jsmith,DC=example,DC=net [AoOn]
257 # 304631133011060A0992268993F22C64011916036E657431 [AoO]
258 # 173015060A0992268993F22C64011916076578616D706C65
259 # 31163014060A0992268993F22C64010113066A736D697468
261 # OU=Sales+CN=J. Smith,DC=example,DC=net [AoOn]
262 # 304F31133011060A0992268993F22C64011916036E657431 [AoO]
263 # 173015060A0992268993F22C64011916076578616D706C65
264 # 311F300C060355040B130553616C6573300F060355040313
267 # CN=John Smith\, III,DC=example,DC=net [AoOn]
268 # 304831133011060A0992268993F22C64011916036E657431 [AoO]
269 # 173015060A0992268993F22C64011916076578616D706C65
270 # 311830160603550403130F4A6F686E20536D6974682C2049
273 # CN=John Smith\2C III,DC=example,DC=net [AoOn]
274 # 304831133011060A0992268993F22C64011916036E657431 [AoO]
275 # 173015060A0992268993F22C64011916076578616D706C65
276 # 311830160603550403130F4A6F686E20536D6974682C2049
279 # CN=Before\0dAfter,DC=example,DC=net [AoOn]
280 # 304531133011060A0992268993F22C64011916036E657431 [AoO]
281 # 173015060A0992268993F22C64011916076578616D706C65
282 # 3115301306035504030C0C4265666F72650D4166746572
284 # CN=\23John Smith\20,DC=example,DC=net [AoOn]
285 # 304531133011060A0992268993F22C64011916036E657431 [AoO]
286 # 173015060A0992268993F22C64011916076578616D706C65
287 # 311530130603550403140C234A6F686E20536D69746820
289 # CN=\#John Smith\ ,DC=example,DC=net [AoOn]
290 # 304531133011060A0992268993F22C64011916036E657431 [AoO]
291 # 173015060A0992268993F22C64011916076578616D706C65
292 # 311530130603550403140C234A6F686E20536D69746820
294 # FIXME: currently doesn't work
295 # 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com [AoOn]
296 # 304031133011060A0992268993F22C64011916036E657431 [AoO]
297 # 173015060A0992268993F22C64011916076578616D706C65
298 # 3110300E06082B060104018B3A0004024869
300 # CN=Lu\C4\8Di\C4\87 [AoOn]
301 # 30123110300E06035504030C074C75C48D69C487 [AoO]
303 # FIXME: currently doesn't work
304 # 1.1.1= // empty value [AoO]
305 # 300A31083006060229011300 [AoO]
308 # // some implementations may be liberal in what they accept
309 # // but should strict in what they produce.
311 # uid;x-option=jsmith // option [oOn]
313 # at_tr=jsmith // invalid attribute type name [AoOn]
315 # -attr=jsmith // invalid attribute type name [AoOn]
317 # 1..1=jsmith // invalid numeric OID [AoO]
319 # 1.1.=jsmith // invalid numeric OID [AoO]
321 # 01.1=jsmith // invalid numeric OID [oO]
323 # 1.ff=jsmith // invalid numeric OID [AoOn]
325 # 1.1.1=#GG // invalid HEX form [AoOn]
327 # 1.1.1=#000 // invalid HEX form [AoO]
329 # 1.1.1=#F // invalid HEX form [AoO]
331 # 1.1.1=# // invalid HEX form [AoO]
333 # UID=jsmith,,DC=example,DC=net // extra comma [AoOn]
335 # UID=john,smith // unescaped , [AoOn]
337 # UID=john+smith // unescaped + [AoOn]
339 # UID=john\?smith // invalid escape of ? or unescaped \ [oOn]
341 # UID=john\Fsmith // invalid hex escape [AoOn]
343 # UID=john\GGsmith // invalid hex escape [oOn]
345 #The following strings are invalid for use in LDAPv3, but were
346 #legal in LDAPv2 (RFC 1779). Some LDAPv3 implementations are
347 #liberal in accepting these but should not generate them.
349 # " " // space, quote characters (") are not part of the string
351 # OID.1.1=jsmith // invalid attribute type name
353 # UID=jsmith, O=example, C=US // spaces
355 # UID=jsmith;O=example;C=US // semi-colons
357 # <UID=jsmith,O=example,C=US> // brackets [AoOn]
359 # CN="John Smith",O=example,C=US // quotes