Due to default behavior of LDAP/eDirectory it also adds an ACL entry
for the user who created a group/container/object, e.g. “ACL: 16#subtree#cn=User
eDirectory (Novell’s LDAP product) suprisingly allows a lot of special characters for string attribute values (such as attribute ‘description’), but it forbids plus + character.
Following characters are OK, although some are not advisable if you want to compare the values in LDAP queries etc: =,#()”‘~\@:.-/!&*^ And some of them are not allowed for CN/OU or other special attributes.