Oracle Fusion Middleware Administration Guide for Oracle Directory Server Enterprise Edition

Defining Permissions for DNs That Contain a Comma

DNs that contain commas require special treatment within your LDIF ACI statements. In the target and bind rule portions of the ACI statement, commas must be escaped by a single backslash (\). The following example illustrates this syntax:

dn: Bolivia\, S.A. 
objectClass: top 
objectClass: organization 
aci: (target="ldap:/// Bolivia\,S.A.") (targetattr="*") 
(version 3.0; acl "aci 2"; allow (all) groupdn = 
"ldap:///cn=Directory Administrators, Bolivia\, S.A.";)