Users with a " / " in their display name won't import from AD

Travis1 · July 23, 2008, 11:12pm

I understand that the / “forward slash” is an escape character for ADSI, but not for LDAP.

Does Openfire use the ADSI, if not, why does it fail to import users with a forward slash?

NO_MESSAGES_OR_FRIEN · July 24, 2008, 12:53pm

You have already asked this question. I gave you the answer:

The forward slash is a special character that LDAP normally uses for internal purposes, as a separator between certain bits of the LDAP string. That’s why it gets confused if an object name suddenly contains a /

You can try to “escape” it with a \ - so replace your forward slash with a backslash-forward slash combo.

This also applies to a number of other special chars in LDAP, such as comma (,), dot (.), equal sign (=), and a few more as you yourself have mentioned.

Short of writing special code to automatically escape this character if found in the username there is no work around for your issue. Just because other programs have written this code does not make it the proper solution. In fact it encourages people to continue to use non-valid characters.

Travis1 · July 28, 2008, 3:18pm

What is the source for your info? Check out: http://support.microsoft.com/kb/834541

Microsoft lists the following as LDAP special characters:

LDAP special characters include the following characters:

• A space at the start of a string
• A space at the end of a string
• A number sign (#) at the beginning of a string
• Any one or more of the following characters anywhere in the string:• comma (,)
• plus sign (+)
• double quote (")
• backslash ()
• angle brackets (< or >)
• semicolon (

NO_MESSAGES_OR_FRIEN · July 29, 2008, 9:49pm

http://technet2.microsoft.com/windowsserver/en/library/8196d68e-776a-4bbc-99a6-d 8c19f36ded41033.mspx?mfr=true

Note

•
If the name of a container includes a forward slash character (/), the system requires an escape character in the form of a backslash () to distinguish between forward slashes that separate elements of the canonical name and the forward slash that is part of the container name. For example, if the name of an OU is Promotions/Northeast and the name of the domain is proseware.com, the canonical name is displayed as proseware.com/Promotions/Northeast.