Forward slashes, "/", cause a variety of failures when included in DNs and User and Group Names.
Specific cases are:
- Adding a User or adding a Group fails when the user or group contains a "/". The failure occurs before the actual create when the system is checking to see if the user already exists. If the user or group already exists in LDAP with a name containing a slash then all other operations, e.g. authenticate & search, seem to work OK.
- When a search is performed against a DN that contains a "/" it fails with an error such as :
This can be worked around by manually escaping the slash in the DN attribute e.g. ou=kelpie\2Fberrima,dc=example,dc=com
All these tests were run against OpenLDAP.