Empty namingContext#Novell's implementation leaves has a RootDSE's namingContext attribute value that maybe empty.
When there is a "ROOT" Partition on the server, there is a namingContext entry that has no value.
We have seen this cause issues with several LDAP applications and browsers.Boolean Syntax values in NDS are stored in lowercase letters (true/false) but LDAP requires uppercase values (TRUE/FALSE) according to RFC 2252, section 6.4:
6.4. Boolean ( 184.108.40.206.4.1.14220.127.116.11.7 DESC 'Boolean' ) Values in this syntax are encoded according to the following BNF: boolean = "TRUE" / "FALSE" Boolean values have an encoding of "TRUE" if they are logically true, and have an encoding of "FALSE" otherwise.In addition, EDirectory assumes if there are no values for Boolean Syntax attribute the values is FALSE.
Timestamps#EDirectory can not supply timestamps with values before 1/1/1970.
Any attribute that uses the syntax OID 18.104.22.168.4.1.1422.214.171.124.24, Description Generalized Time, will fail on trying to set a values before 1/1/1970.
You will have to create an attribute that does not use and use "Generalized Time" syntax and workaround this issue.
RFC 4517#EDirectory is not compliant GeneralizedTime syntax. The fraction is allowed, but optional.
EDirectory won't accept the fractional value and so it must be entered without the fractional value:
20120304150336ZThis can be an issue when performing imports from other LDAP Server Implementations that do support fractional GeneralizedTime values as described within
We see this as non-compliant as EDirectory should support the fractional values.
EDirectory does support the <g-differential>. In the latter case, coordinated universal time can be calculated by subtracting the differential from the local time. The "Z" form of <g-time-zone> SHOULD be used in preference to <g-differential>.
199412160532-0500The values are converted to the proper "Z" value upon imputing the value as an offset.