[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP Access Control

At 07:24 PM 2002-09-19, Ace Suares wrote:
>I'am not so concerned about matching for instance
>but I am concerned about *not* matching
>cn=Suares, Ace,ou=foo

That's actually an invalid DN.  I assume you mean:
  cn=Suares\, Ace,ou=foo

In 2.1, this DN has the normalized form:
  cn=suares\2c ace,ou=foo


will match only entries directly under ou=foo.  That is,
the only unescaped commas in normalized DNs are RDN

(Note that hexpair escaping actually makes matching
commas in values easier in general... because you don't
have to deal with escaped backslash characters.)