5.16.3.10 Object(DS-DN)

  • Article

The LDAP representation of Object(DS-DN) is defined in section 5.16.2.1. This corresponds to DSName as follows:

The dn part of the LDAP representation is converted to a UCS-16 encoded Unicode string. Then, the attributeValue component (defined in [RFC2253]) of each RDN in the DN is canonicalized according to the following rules:

  • The first leading space, if any, is escaped as a backslash (\) followed by a space.

  • Any carriage return or line-feed characters are escaped as a backslash followed by the 2-digit hexadecimal value of that character, as specified in [RFC2253] section 2.4.

  • Any of the following characters—number sign (#), plus sign (+), comma (,), semicolon (;), quotation mark ("), left angle bracket (<), equal sign (=), right angle bracket (>), and backslash (\)—are escaped as a backslash followed by the character.

  • The trailing space, if any, is escaped as a backslash followed by a space.

The resulting string (including a terminating null character) is inserted into the StringName field of the DSNAME. The length of the string, in Unicode characters, is inserted into the NameLen field. The length of the string in the NameLen field does not include the terminating null character. The value of guid_value in LDAP representation is expressed as a GUID and inserted into the Guid field of the DSNAME structure. If the sid_value is present, it is copied into the Sid field of the DSNAME and the SidLen field is set to the length, in bytes, of the SID. If the sid_value part is not present, then the SidLen field is set to 0. The valLen field of ATTRVAL equals the length of the DSNAME structure. All the multibyte quantities in the DSNAME are stored in little-endian format.

Example:

 LDAP Value: <GUID=3ceab4a1-fc47-4a71-8195-454faa6423a3>; <SID=01050000000000051500000089598d33d3c56b6894e1f2e6f4010000>;CN=Administrator,OU=Users,DC=test,DC=com
  
 This corresponds to the following DSNAME:
  
 +0x000 structLen    : 0x8a
 +0x004 SidLen       : 0x1c
 +0x008 Guid         : 3ceab4a1-fc47-4a71-8195-454faa6423a3
 +0x018 Sid          : S-1-5-21-864901513-1751893459-3874677140-500
 +0x034 NameLen      : 0x28
 +0x038 StringName   : L"CN=Administrator,OU=Users,DC=test,DC=com"
  
  
 valLen: 138, 
  
  
 payload:
  
 8a 00 00 00 1c 00 00 00 a1 b4 ea 3c 47 fc 71 4a  ...........<G.qJ
 81 95 45 4f aa 64 23 a3 01 05 00 00 00 00 00 05  ..EO.d#.........
 15 00 00 00 89 59 8d 33 d3 c5 6b 68 94 e1 f2 e6  .....Y.3..kh....
 f4 01 00 00 28 00 00 00 43 00 4e 00 3d 00 41 00  ....(...C.N.=.A.
 64 00 6d 00 69 00 6e 00 69 00 73 00 74 00 72 00  d.m.i.n.i.s.t.r.
 61 00 74 00 6f 00 72 00 2c 00 4f 00 55 00 3d 00  a.t.o.r.,.O.U.=.
 55 00 73 00 65 00 72 00 73 00 2c 00 44 00 43 00  U.s.e.r.s.,.D.C.
 3d 00 74 00 65 00 73 00 74 00 2c 00 44 00 43 00  =.t.e.s.t.,.D.C.
 3d 00 63 00 6f 00 6d 00 00 00                    =.c.o.m...