Using Special Characters
Active Directory and other LDAP-based user directories allow special characters in entities such as DNs, user names, roles, and group names. Special handling may be required for Oracle Hyperion Shared Services to understand such characters.
Generally, you must use escape characters while specifying special characters in user directory settings; for example, Base DN and user and group URLs. The following table lists the special characters that can be used in user names, group names, user URLs, group URLs, and in the value of OU in user DN.
Table 3-8 Supported Special Characters
| Character | Name or Meaning | Character | Name or Meaning |
|---|---|---|---|
( |
open parenthesis | $ |
dollar |
) |
close parenthesis | + |
plus |
" |
quotation mark | & |
ampersand |
' |
single quotation mark | \ |
backslash |
, |
comma | ^ |
caret |
= |
equal to | ; |
semicolon |
< |
less than | # |
pound |
> |
greater than | @ |
at |
Note:
Do not use / (slash) in organization unit names that come within the Base DN- Special characters are not permitted in the value of the Login User attribute.
- The asterisk (*) is not supported in user names, group names, user and group URLs, and in the name of the OU in User DN.
- Attribute values containing a combination of special characters are not supported.
- The ampersand (&) can be used without an escape character.
For Active Directory settings, & must be specified as
&. - User and group names cannot contain both a backslash (\) and slash (/). For example, names such as
test/\userandnew\test/userare not supported.
Table 3-9 Characters that Need Not be Escaped
| Character | Name or Meaning | Character | Name or Meaning |
|---|---|---|---|
( |
open parenthesis | ' |
single quote |
) |
close parenthesis | ^ |
caret |
$ |
dollar | @ |
at |
& |
Ampersand | ||
Note:
& must be stated as &.
These characters must be escaped if you use them in user directory settings (user names, group names, user URLs, group URLs and User DN).
Table 3-10 Escape for Special Characters in User Directory Configuration Settings
| Special Character | Escape | Example Setting | Escaped Example |
|---|---|---|---|
comma (,)
|
backslash (\)
|
ou=test,ou |
ou=test\,ou |
plus sign (+)
|
backslash (\)
|
ou=test+ou |
ou=test\+ou |
equal to (=)
|
backslash (\)
|
ou=test=ou |
ou=test\=ou |
pound (#)
|
backslash (\)
|
ou=test#ou |
ou=test\#ou |
semicolon (;)
|
backslash (\)
|
ou=test;ou |
ou=test\;ou |
less than (<)
|
backslash (\)
|
ou=test<ou |
ou=test\<ou |
greater than (>)
|
backslash (\)
|
ou=test>ou |
ou=test\>ou |
quotation mark (")
|
two backslashes (\\)
|
ou=test"ou |
ou=test\\"ou |
backslash (\)
|
three backslashes (\\\)
|
ou=test\ou |
ou=test\\\\ou |
Note:
- In User DNs, quotation mark (
") must be escaped with one backslash. For example,ou=test"oumust be specified asou=test\"ou. - In User DNs, a backslash (\) must be escaped with one backslash. For example,
ou=test\oumust be specified asou=test\\ou.
Caution:
If the user URL is unspecified, users created within the RDN root must not contain / (slash) or \ (backslash). Similarly, these characters should not be used in the names of groups created within the RDN root if a group URL is not specified. For example, group names such as OU=child\ou,OU=parent/ou or OU=child/ou,OU=parent\ou are not supported. This issue does not apply if you are using a unique attribute as the ID Attribute in the user directory configuration.
Special Characters in Native Directory
special characters are supported in user and group names in Native Directory.
Table 3-11 Supported Special Characters: Native Directory
| Character | Name or Meaning | Character | Name or Meaning |
|---|---|---|---|
@ |
at | , |
comma |
# |
pound | = |
equal to |
$ |
dollar | + |
plus |
^ |
caret | ; |
semicolon |
( |
open parenthesis | ! |
exclamation |
) |
close parenthesis | % |
percent |
' |
single quotation mark |