views:

307

answers:

1

Recently, while putting together some code to page Active Directory results beyond sizeLimit=1000, we ran into a strange behavior/bug of AD. Specifically, if we had an OU with a space in the search base, it caused an error:

String base = "OU=Area X,OU=myserver,DC=my,DC=ad,DC=myserver,DC=com";
env.put(Context.PROVIDER_URL, "ldap://my.ad.myserver.com:389/" + base);

This is the error we received:

javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031007DB, problem 5012 (DIR_ERROR), data 0

When we remove that OU, it works fine.

What would cause this to occur? Do we need to encode the space somehow (+ and %20 only caused more issues)? Or is this generally illegal/unnecessary?

A: 

Special character escaping I would guess. Lookup LDAP special characters.

Luke