On 2018-03-21 16:42, Andre Rodier wrote:
I want to use international characters for the "secondary" email addresses but and OpenLDAP is complaining about it, as invalid syntax.
That's because attribute 'mail' is defined to be IA5String syntax which is more or less ASCII.
Is there any limitation in OpenLDAP that would prevent some fields to be stored in UTF8 directly?
No. But the attribute type has to be declared to use DirectoryString syntax.
That's why I proposed 'intlMailAddr' herein: https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07#section-2
Note that this attribute only makes sense in case of non-ASCII local part and for use with SMTPUTF8 extensions. I currently only know of one SMTPUTF8 implementation (postfix 3.x).
If the mail address' domain part is non-ASCII you should store it as IDNA encoding (e.g. my web2ldap supports auto-converting the user's input.)
I have noticed that the givenName and surname are automatically encoded in base64 when containing accents, so is it a standard practice?
The attribute values are *not* base64-encoded via LDAP. What you're seeing as output of ldapsearch is LDIF representation which has to be ASCII-clean (see RFC 2849).