Re: adding binary attribute using python-ldap

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Rahul Amaram wrote:
> Thanks for the response. I think I found the reason for the error. It seems
> to be necessary to append ";binary" to the attribute name while
> adding/modifying binary attributes.

Not for all, better to say for just a few. Sending JPEG picture data for 
attribute type 'jpegPhoto' works straight with this attribute type name.

> So for instance if I am
> adding/modifying userCertificate, I will have to use the attribute name
> "userCertificate;binary". Else you are likely to get an undefined attribute
> / binary transfer failed error.

Yes, for most attribute types which hold certificate data. This has historic 
reasons because without ;binary another LDAP-specific encoding could be 
transferred. There has never been such a encoding defined. But you MUST use 
;binary for attributes with syntax 'X.509 Certificate' (syntax OID 
1.3.6.1.4.1.1466.115.121.1.8).

See also section 2.1 of
http://www.ietf.org/rfc/rfc4523.txt

Ciao, Michael.