On Wed, Aug 15, 2012 at 3:14 PM, sergio mailbox@sergio.spb.ru wrote:
On 08/15/2012 11:08 AM, Michael Ströder wrote:
If you want to process LDIF then be prepared to process any LDIF data
compliant to RFC 2849. Period.
RFC 2849 doesn't say any special about userPassword and why it should be base64 encoded.
From notes on ldif syntax :
4) Any dn or rdn that contains characters other than those defined as "SAFE-UTF8-CHAR", or begins with a character other than those defined as "SAFE-INIT-UTF8-CHAR", above, MUST be base-64 encoded. Other values MAY be base-64 encoded. *Any value that contains characters other than those defined as "SAFE-CHAR", or begins with a character other than those defined as "SAFE-INIT-CHAR", above, MUST be base-64 encoded. Other values MAY be base-64 encoded.*
8) *Values or distinguished names that end with SPACE SHOULD be base-64 encoded.*
SAFE-CHAR = %x01-09 / %x0B-0C / %x0E-7F ; any value <= 127 decimal except NUL, LF, ; and CR
If you are sure there is nothing but SAFE-CHAR, check for space or and non-ascii charset.
Sometimes there are invisible characters in eg. latin1 that will "hide" in a charset capable editor.
(characters other than US-ASCII would be encoded also - view data with a dumber text editor)
Cheers Brett