Hi,

I am in the process of migrating away from our ancient Oracle DSEE7 directory 
servers to OpenLDAP 2.4.44-23.el7_9.x86_64. One problem I'm experiencing when 
importing entries with attribute values encoded in base64 is:

    adding new entry "cn=LastName,ou=People,dc=cs,dc=university,dc=edu"
    ldap_add: Invalid syntax (21)
            additional info: gecos: value #0 invalid per syntax

    dn: cn=nis,cn=schema,cn=config
    objectClass: olcSchemaConfig
    cn: nis
    olcAttributeTypes: ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; 
the common name' EQUALITY 
    caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )

In this example, the "gecos" attribute has the first name "Jérémie", e.g., 
"gecos:: SsOpcsOpbWll". When I decode it using `base64 -d` it decodes just 
fine. Why can I not import this base64 encoded value, and others, using 
ldapadd? I'm binding as olcRootDN which has the appropriate permission, manage, 
as far as I can tell but have also used SASL EXTERNAL--same results.

Do I need to decode these values in my LDIF file first? I've scoured the 
internet and the archives here, so forgive me if I've missed a glaringly 
obvious thread.

Another note, I've used `./dsconf export --no-repl [...]` to avoid the DSEE7 
sync-repl operational cruft. I still had some cleaning up to do, but I still 
don't understand why the base64 values are a hard stop.

Thanks in advance,
Brian

Reply via email to