Handling spaces in DNs

Andrew Bartlett abartlet at samba.org
Thu Oct 25 03:31:33 GMT 2007

On Wed, 2007-10-24 at 08:27 -0400, simo wrote:
> On Wed, 2007-10-24 at 15:40 +1000, Andrew Bartlett wrote:
> > The work done a while back to limit how often we parsed and unparse a DN
> > has had an unusual side-effect, that I would like some assistance in
> > solving.
> > 
> > If we add a DN of the form:
> > 
> > cn=admins ,cn=users,dc=samba,dc=example,dc=org
> > 
> > Then the DN will remain in the database in that form, including the
> > extra space around "admins".
> This is just a bug, spaces at the end of the RDN components should just
> be removed.
> >   For maximum retention of information,
> > while retaining a normalised form, it should be added like:
> > 
> > CN=admins,CN=users,DC=samba,DC=example,DC=org
> > 
> > Do we need to add a 'normalised DN' function to LDB, or override the
> > current linearized form?  Would doing so negate the speed benefits that
> > created this approach in the first place?
> It depends how we add it and where.
> > I'm hitting this in the ldap.js test, which now actually tests this
> > area.  I've had to comment out the assert for now, see the attached
> > patch. 
> I will try to carve some time to fix this, please remind me if you don't
> see anything by the end of the week.

The other thing we need to do is ensure that the DN is formed in the
same case as the parents.  Ie, if the parents are:


Then we shouldn't allow a DN of

This falls out naturally if your DB doesn't actually include it's
parents by name, but otherwise I think we should normalise this. 

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20071025/c63a1a18/attachment.bin

More information about the samba-technical mailing list