Requirements of LDAP DN Value
All Distinguished Name (DN) values provided in LDAP authentication configuration of IBM® Db2® Data Management Console must follow the syntax that is defined by 'String Representation of Distinguished Names'.
Characters that require escaping from DN
Some 'special characters' are escaped when used in attribute values of any RDN value of a DN value. They are comma (,), semi-column (;), plus (+), less than (<), greater than (>), equals (=), double quote ("), back slash (\), sharp (#) and leading and tailing spaces of an attribute value.
Sharp mark (#), leading and tailing spaces used in attribute values of DN are not supported in IBM Db2 Data Management Console.
Name | Original Character | Escaped Value | Hexadecimal Value |
---|---|---|---|
Comma | , | \, | \2C |
Semicolon | ; | \; | \3B |
Plus | + | \+ | \2B |
Less than | < | \< | \3C |
Greater than | > | \> | \3E |
Equals | = | \= | \3D |
Double quote | " | \" | \22 |
Back slash | \ | \\ | \5C |
CN=Group\, Admin,OU=Groups,DC=example,DC=com
or
CN=Group\2C Admin,OU=Groups,DC=example,DC=com
Control Characters and Spaces
All control characters, hexadecimal values in Unicode from 00 to 1F (otherwise called as C0 controls) and 7F (delete) are not allowed to be used in any value of LDAP authentication configuration data and will be removed.
IBM Db2 Data Management Console only supports common whitespace character (hexadecimal value 20 in Unicode) in authentication configuration data. Non-breaking space (hexadecimal value A0 in Unicode) is not supported, and will be replaced with common whitespace.