On 21/03/18 17:19, Michael Ströder wrote:
On 2018-03-21 16:42, Andre Rodier wrote:
I want to use international characters for the "secondary" email addresses but and OpenLDAP is complaining about it, as invalid syntax.
That's because attribute 'mail' is defined to be IA5String syntax which is more or less ASCII.
Is there any limitation in OpenLDAP that would prevent some fields to be stored in UTF8 directly?
No. But the attribute type has to be declared to use DirectoryString syntax.
That's why I proposed 'intlMailAddr' herein: https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07#section-2
Note that this attribute only makes sense in case of non-ASCII local part and for use with SMTPUTF8 extensions. I currently only know of one SMTPUTF8 implementation (postfix 3.x).
If the mail address' domain part is non-ASCII you should store it as IDNA encoding (e.g. my web2ldap supports auto-converting the user's input.)
I have noticed that the givenName and surname are automatically encoded in base64 when containing accents, so is it a standard practice?
The attribute values are *not* base64-encoded via LDAP. What you're seeing as output of ldapsearch is LDIF representation which has to be ASCII-clean (see RFC 2849).
Ciao, Michael.
Hello Michael,
Thank you for your schema, it is working perfectly.
I am adding the final LDIF file that works with OpenLDAP, so anyone can use it for their projects:
# The attribute type 'intlMailAddr' is defined for storing SMTPUTF8 # compliant addresses [RFC6530] # https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07
dn: cn=intlMailAddr,cn=schema,cn=config objectClass: olcSchemaConfig cn: intlMailAddr olcAttributeTypes: ( 1.3.6.1.4.1.5427.1.389.4.18 NAME 'intlMailAddr' DESC 'Internationalized Email Address' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) olcObjectClasses: ( 1.3.6.1.4.1.5427.1.389.6.9 NAME 'mailboxRelatedObject' DESC 'Associated RFC 5321 mailbox for any entry' AUXILIARY MAY ( displayName $ mail $ intlMailAddr ) )
Tell me if I made a mistake, but so far it works perfectly. I have both Dovecot and Postfix querying internationalised email addresses, and I will have something stable enough soon.
Kind regards, André