Actually I would say they can be equal, since an attribute type accept single value or not. If you look at ou (http://www.ldaps.com/?view=attributes&server_id=0&viewvalue=ou), it is not a single value attribute.

>From the little I know I would say it is possible.

On 10/6/05, Alex Karasulu <aok123@bellsouth.net> wrote:
Jérôme Baumgarten wrote:

> RFC 2253 Lightweight Directory Access Protocol (v3): UTF-8 String
> Representation of Distinguished Names
>
> Section "3. Parsing a String back to a Distinguished Name" says the
> following :
>
>distinguishedName = [name]                    ; may be empty string
>
>name       = name-component *("," name-component)
>
>name-component = attributeTypeAndValue *("+" attributeTypeAndValue)
>
>
>attributeTypeAndValue = attributeType "=" attributeValue
>
> but i do not know if you can use several times the same attributeType,
> might be in the RFC but (sorry) I do not have the time to read through
> the full RFC.

If there is no clear message that says types cannot be equal in ...

name       = name-component *("," name-component)


then I think its allow.  There are some revision documents from the LDAPBIS working
group that might mention something.  Here is the homepage for the charter:

http://www.ietf.org/html.charters/ldapbis-charter.html

Alex