On 21/03/18 17:19, Michael Ströder wrote: > On 2018-03-21 16:42, Andre Rodier wrote: >> I want to use international characters for the "secondary" email >> addresses but and OpenLDAP is complaining about it, as invalid syntax. > > That's because attribute 'mail' is defined to be IA5String syntax > which is more or less ASCII. > >> Is there any limitation in OpenLDAP that would prevent some fields to >> be stored in UTF8 directly? > > No. But the attribute type has to be declared to use DirectoryString > syntax. > > That's why I proposed 'intlMailAddr' herein: > https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07#section-2 > > > Note that this attribute only makes sense in case of non-ASCII local part > and for use with SMTPUTF8 extensions. I currently only know of one SMTPUTF8 > implementation (postfix 3.x). > > If the mail address' domain part is non-ASCII you should store it as > IDNA encoding > (e.g. my web2ldap supports auto-converting the user's input.) > >> I have noticed that the givenName and >> surname are automatically encoded in base64 when containing accents, >> so is it a standard practice? > > The attribute values are *not* base64-encoded via LDAP. > What you're seeing as output of ldapsearch is LDIF representation > which has to be ASCII-clean (see RFC 2849). > > Ciao, Michael. >
Hello Michael, Thank you for your schema, it is working perfectly. I am adding the final LDIF file that works with OpenLDAP, so anyone can use it for their projects: > # The attribute type 'intlMailAddr' is defined for storing SMTPUTF8 > # compliant addresses [RFC6530] > # https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07 > > dn: cn=intlMailAddr,cn=schema,cn=config > objectClass: olcSchemaConfig > cn: intlMailAddr > olcAttributeTypes: ( 1.3.6.1.4.1.5427.1.389.4.18 > NAME 'intlMailAddr' > DESC 'Internationalized Email Address' > EQUALITY caseIgnoreMatch > SUBSTR caseIgnoreSubstringsMatch > SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) > olcObjectClasses: ( 1.3.6.1.4.1.5427.1.389.6.9 > NAME 'mailboxRelatedObject' > DESC 'Associated RFC 5321 mailbox for any entry' > AUXILIARY > MAY ( displayName $ mail $ intlMailAddr ) ) Tell me if I made a mistake, but so far it works perfectly. I have both Dovecot and Postfix querying internationalised email addresses, and I will have something stable enough soon. Kind regards, André -- https://github.com/progmaticltd/homebox
