diff --git a/tests/data/dn.out b/tests/data/dn.out
new file mode 100644
index 0000000000..f57113dfba
--- /dev/null
+++ b/tests/data/dn.out
@@ -0,0 +1,74 @@
+dn: dc=net
+objectClass: domain
+dc: net
+seeAlso:
+
+dn: dc=example,dc=net
+objectClass: domain
+objectClass: domainRelatedObject
+dc: example
+associatedDomain: example.net
+
+dn: uid=jsmith,dc=example,dc=net
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid: jsmith
+description: UID=jsmith,DC=example,DC=net
+
+dn: cn=J. Smith+ou=Sales,dc=example,dc=net
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+ou: Sales
+description: OU=Sales+CN=J. Smith,DC=example,DC=net
+
+dn: cn=John Smith\2C III,dc=example,dc=net
+objectClass: inetOrgPerson
+cn: John Smith, III
+sn: Smith
+seeAlso: cn=John Smith\2C III,dc=example,dc=net
+description: CN=John Smith\, III,DC=example,DC=net
+description: CN=John Smith\2C III,DC=example,DC=net
+
+dn: ou=Sales\3B Data\2BAlgorithms,dc=example,dc=net
+objectClass: organizationalUnit
+ou: Sales; Data+Algorithms
+seeAlso: ou=Sales\3B Data\2BAlgorithms,dc=example,dc=net
+description: OU=Sales\; Data\+Algorithms,DC=example,DC=net
+description: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net
+
+dn:: Y249QmVmb3JlDUFmdGVyLGRjPWV4YW1wbGUsZGM9bmV0
+objectClass: groupOfNames
+cn:: QmVmb3JlDUFmdGVy
+member:: Y249QmVmb3JlDUFmdGVyLGRjPWV4YW1wbGUsZGM9bmV0
+description: CN=Before\0dAfter,DC=example,DC=net
+
+dn: cn=\#John Smith\ ,dc=example,dc=net
+objectClass: inetOrgPerson
+cn:: I0pvaG4gU21pdGgg
+sn: Smith
+seeAlso: cn=\#John Smith\ ,dc=example,dc=net
+description: CN=\23John Smith\20,DC=example,DC=net
+description: CN=\#John Smith\ ,DC=example,DC=net
+
+dn:: Y249THXEjWnEhw==
+objectClass: inetOrgPerson
+cn:: THXEjWnEhw==
+sn:: THXEjWnEhw==
+description: CN=Lu\C4\8Di\C4\87
+
+dn: c=US
+objectClass: country
+c: US
+
+dn: o=example,c=US
+objectClass: organization
+o: example
+
+dn: cn=John Smith,o=example,c=US
+objectClass: inetOrgPerson
+cn: John Smith
+sn: Smith
+description: CN="John Smith",O=example,C=US
+
diff --git a/tests/data/slapd-dn.conf b/tests/data/slapd-dn.conf
new file mode 100644
index 0000000000..1357b2ad78
--- /dev/null
+++ b/tests/data/slapd-dn.conf
@@ -0,0 +1,41 @@
+# stand-alone slapd config -- for testing (with refint overlay)
+# $OpenLDAP$
+## This work is part of OpenLDAP Software .
+##
+## Copyright 2004 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## .
+
+ucdata-path ./ucdata
+include ./schema/core.schema
+include ./schema/cosine.schema
+include ./schema/inetorgperson.schema
+include ./schema/openldap.schema
+include ./schema/nis.schema
+
+#
+pidfile ./testrun/slapd.1.pid
+argsfile ./testrun/slapd.1.args
+
+#mod#modulepath ../servers/slapd/back-@BACKEND@/
+#mod#moduleload back_@BACKEND@.la
+
+#######################################################################
+# database definitions
+#######################################################################
+
+database @BACKEND@
+suffix ""
+directory ./testrun/db.1.a
+rootdn "cn=Manager"
+rootpw secret
+index objectClass eq
+index cn,sn,uid pres,eq,sub
+
diff --git a/tests/data/test-dn.ldif b/tests/data/test-dn.ldif
new file mode 100644
index 0000000000..adecbb5642
--- /dev/null
+++ b/tests/data/test-dn.ldif
@@ -0,0 +1,245 @@
+# Regular DNs
+dn: dc=net
+objectClass: domain
+dc: net
+seeAlso:
+
+dn: dc=example,dc=net
+objectClass: domain
+objectClass: domainRelatedObject
+dc: example
+associatedDomain: example.net
+
+# UID=jsmith,DC=example,DC=net [AoOn]
+# 304631133011060A0992268993F22C64011916036E657431 [AoO]
+# 173015060A0992268993F22C64011916076578616D706C65
+# 31163014060A0992268993F22C64010113066A736D697468
+dn: UID=jsmith,DC=example,DC=net
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid: jsmith
+description: UID=jsmith,DC=example,DC=net
+
+# OU=Sales+CN=J. Smith,DC=example,DC=net [AoOn]
+# 304F31133011060A0992268993F22C64011916036E657431 [AoO]
+# 173015060A0992268993F22C64011916076578616D706C65
+# 311F300C060355040B130553616C6573300F060355040313
+# 084A2E20536D697468
+dn: OU=Sales+CN=J. Smith,DC=example,DC=net
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+ou: Sales
+description: OU=Sales+CN=J. Smith,DC=example,DC=net
+
+# CN=John Smith\, III,DC=example,DC=net [AoOn]
+# 304831133011060A0992268993F22C64011916036E657431 [AoO]
+# 173015060A0992268993F22C64011916076578616D706C65
+# 311830160603550403130F4A6F686E20536D6974682C2049
+# 4949
+
+# CN=John Smith\2C III,DC=example,DC=net [AoOn]
+# 304831133011060A0992268993F22C64011916036E657431 [AoO]
+# 173015060A0992268993F22C64011916076578616D706C65
+# 311830160603550403130F4A6F686E20536D6974682C2049
+# 4949
+dn: CN=John Smith\, III,DC=example,DC=net
+objectClass: inetOrgPerson
+cn: John Smith, III
+sn: Smith
+seeAlso: CN=John Smith\2C III,DC=example,DC=net
+description: CN=John Smith\, III,DC=example,DC=net
+description: CN=John Smith\2C III,DC=example,DC=net
+
+dn: OU=Sales\; Data\+Algorithms,DC=example,DC=net
+objectClass: organizationalUnit
+ou: Sales; Data+Algorithms
+seeAlso: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net
+description: OU=Sales\; Data\+Algorithms,DC=example,DC=net
+description: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net
+
+# CN=Before\0dAfter,DC=example,DC=net [AoOn]
+# 304531133011060A0992268993F22C64011916036E657431 [AoO]
+# 173015060A0992268993F22C64011916076578616D706C65
+# 3115301306035504030C0C4265666F72650D4166746572
+dn: CN=Before\0dAfter,DC=example,DC=net
+objectClass: groupOfNames
+cn:: QmVmb3JlDUFmdGVy
+member: CN=Before\0dAfter,DC=example,DC=net
+description: CN=Before\0dAfter,DC=example,DC=net
+
+# CN=\23John Smith\20,DC=example,DC=net [AoOn]
+# 304531133011060A0992268993F22C64011916036E657431 [AoO]
+# 173015060A0992268993F22C64011916076578616D706C65
+# 311530130603550403140C234A6F686E20536D69746820
+
+# CN=\#John Smith\ ,DC=example,DC=net [AoOn]
+# 304531133011060A0992268993F22C64011916036E657431 [AoO]
+# 173015060A0992268993F22C64011916076578616D706C65
+# 311530130603550403140C234A6F686E20536D69746820
+dn: CN=\23John Smith\20,DC=example,DC=net
+objectClass: inetOrgPerson
+cn:: I0pvaG4gU21pdGgg
+sn: Smith
+seeAlso: CN=\#John Smith\ ,DC=example,DC=net
+description: CN=\23John Smith\20,DC=example,DC=net
+description: CN=\#John Smith\ ,DC=example,DC=net
+
+# 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com [AoOn]
+# 304031133011060A0992268993F22C64011916036E657431 [AoO]
+# 173015060A0992268993F22C64011916076578616D706C65
+# 3110300E06082B060104018B3A0004024869
+# FIXME
+dn: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com
+objectClass: top
+
+# CN=Lu\C4\8Di\C4\87 [AoOn]
+# 30123110300E06035504030C074C75C48D69C487 [AoO]
+dn: CN=Lu\C4\8Di\C4\87
+objectClass: inetOrgPerson
+cn:: THXEjWnEhw==
+sn:: THXEjWnEhw==
+description: CN=Lu\C4\8Di\C4\87
+
+# 1.1.1= // empty value [AoO]
+# 300A31083006060229011300 [AoO]
+# FIXME
+dn: 1.1.1=
+objectClass: top
+
+#Invalid DNs
+# // some implementations may be liberal in what they accept
+# // but should strict in what they produce.
+
+# uid;x-option=jsmith // option [oOn]
+dn: uid;x-option=jsmith
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid;x-option: jsmith
+
+# at_tr=jsmith // invalid attribute type name [AoOn]
+dn: at_tr=jsmith
+objectClass: top
+
+# -attr=jsmith // invalid attribute type name [AoOn]
+dn: -attr=jsmith
+objectClass: top
+
+# 1..1=jsmith // invalid numeric OID [AoO]
+dn: 1..1=jsmith
+objectClass: top
+
+# 1.1.=jsmith // invalid numeric OID [AoO]
+dn: 1.1.=jsmith
+objectClass: top
+
+# 01.1=jsmith // invalid numeric OID [oO]
+dn: 01.1=jsmith
+objectClass: top
+
+# 1.ff=jsmith // invalid numeric OID [AoOn]
+dn: 1.ff=jsmith
+objectClass: top
+
+# 1.1.1=#GG // invalid HEX form [AoOn]
+dn: 1.1.1=#GG
+objectClass: top
+
+# 1.1.1=#000 // invalid HEX form [AoO]
+dn: 1.1.1=#000
+objectClass: top
+
+# 1.1.1=#F // invalid HEX form [AoO]
+dn: 1.1.1=#F
+objectClass: top
+
+# 1.1.1=# // invalid HEX form [AoO]
+dn: 1.1.1=#
+objectClass: top
+
+# UID=jsmith,,DC=example,DC=net // extra comma [AoOn]
+dn: UID=jsmith,,DC=example,DC=net
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid: jsmith
+
+# UID=john,smith // unescaped , [AoOn]
+dn: UID=john,smith
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid: john
+
+# UID=john+smith // unescaped + [AoOn]
+dn: UID=john+smith
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid: john
+
+# UID=john\?smith // invalid escape of ? or unescaped \ [oOn]
+dn: UID=john\?smith
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid: john?smith
+
+# UID=john\Fsmith // invalid hex escape [AoOn]
+dn: UID=john\Fsmith
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+
+# UID=john\GGsmith // invalid hex escape [oOn]
+dn: UID=john\GGsmith
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+
+
+#The following strings are invalid for use in LDAPv3, but were
+#legal in LDAPv2 (RFC 1779). Some LDAPv3 implementations are
+#liberal in accepting these but should not generate them.
+
+# " " // space, quote characters (") are not part of the string
+
+# OID.1.1=jsmith // invalid attribute type name
+dn: OID.0.9.2342.19200300.100.1.1=jsmith
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid: jsmith
+description: OID.0.9.2342.19200300.100.1.1=jsmith
+
+dn: C=US
+objectClass: country
+c: US
+
+dn: O=example, C=US
+objectClass: organization
+o: example
+
+# UID=jsmith, O=example, C=US // spaces
+# UID=jsmith;O=example;C=US // semi-colons
+# // brackets [AoOn]
+dn: UID=jsmith, O=example, C=US
+objectClass: inetOrgPerson
+cn: J. Smith
+sn: Smith
+uid: jsmith
+seeAlso: UID=jsmith;O=example;C=US
+manager:
+description: UID=jsmith, O=example, C=US
+description: UID=jsmith;O=example;C=US
+description:
+
+# CN="John Smith",O=example,C=US // quotes
+dn: CN="John Smith",O=example,C=US
+objectClass: inetOrgPerson
+cn: John Smith
+sn: Smith
+description: CN="John Smith",O=example,C=US
+
diff --git a/tests/scripts/defines.sh b/tests/scripts/defines.sh
index 1a16aa8ee6..df8b999d85 100755
--- a/tests/scripts/defines.sh
+++ b/tests/scripts/defines.sh
@@ -58,6 +58,7 @@ GLUECONF=$DATADIR/slapd-glue.conf
REFINTCONF=$DATADIR/slapd-refint.conf
UNIQUECONF=$DATADIR/slapd-unique.conf
LIMITSCONF=$DATADIR/slapd-limits.conf
+DNCONF=$DATADIR/slapd-dn.conf
CONF1=$TESTDIR/slapd.1.conf
CONF2=$TESTDIR/slapd.2.conf
@@ -127,6 +128,7 @@ LDIFREF=$DATADIR/referrals.ldif
LDIFREFINT=$DATADIR/test-refint.ldif
LDIFUNIQUE=$DATADIR/test-unique.ldif
LDIFLIMITS=$DATADIR/test-limits.ldif
+LDIFDN=$DATADIR/test-dn.ldif
MONITOR=""
REFDN="c=US"
BASEDN="dc=example,dc=com"
@@ -138,6 +140,7 @@ BJORNSDN="cn=Bjorn Jensen,ou=Information Technology DivisioN,OU=People,dc=exampl
JAJDN="cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com"
REFINTDN="cn=Manager,o=refint"
UNIQUEDN="cn=Manager,o=unique"
+DNDN="cn=Manager"
LOG1=$TESTDIR/slapd.1.log
LOG2=$TESTDIR/slapd.2.log
@@ -186,6 +189,7 @@ REPLOUTMASTER=$DATADIR/repl.out.master
MODSRCHFILTERS=$DATADIR/modify.search.filters
CERTIFICATETLS=$DATADIR/certificate.tls
CERTIFICATEOUT=$DATADIR/certificate.out
+DNOUT=$DATADIR/dn.out
# Just in case we linked the binaries dynamically
LD_LIBRARY_PATH=`pwd`/../libraries:${LD_LIBRARY_PATH} export LD_LIBRARY_PATH
diff --git a/tests/scripts/test026-dn b/tests/scripts/test026-dn
new file mode 100755
index 0000000000..c8146f8bc9
--- /dev/null
+++ b/tests/scripts/test026-dn
@@ -0,0 +1,84 @@
+#! /bin/sh
+## This work is part of OpenLDAP Software .
+##
+## Copyright 2004 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## .
+
+# FIXME: temporary! bdb doesn't work
+if test "$BACKEND" != "ldbm" ; then
+ echo "Test does not support $BACKEND"
+ exit 0
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+mkdir -p $TESTDIR $DBDIR1
+
+. $CONFFILTER $BACKEND $MONITORDB < $DNCONF > $CONF1
+echo "Starting slapd on TCP/IP port $PORT1..."
+$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+KILLPIDS="$PID"
+
+echo "Testing slapd DN parsing..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 0 ; then
+ break
+ fi
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+done
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Loading database..."
+$LDAPADD -D "$DNDN" -h $LOCALHOST -p $PORT1 -w $PASSWD -c -f $LDIFDN > \
+ /dev/null 2>&1
+
+echo "Searching database..."
+
+$LDAPSEARCH -b "" -h $LOCALHOST -p $PORT1 > $SEARCHOUT 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+LDIFOUT=$DNOUT
+
+echo "Comparing ldapsearch results against original..."
+$CMP $SEARCHOUT $LDIFOUT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "comparison failed - DN write operations did not complete correctly"
+ exit 1
+fi
+
+#####
+
+test $KILLSERVERS != no && kill -HUP $KILLPIDS
+
+echo ">>>>> Test succeeded"
+exit 0