Get an LDAP tool like http://directory.apache.org/studio/and validate your queries outside JIRA against your LDAP server. If you can get that to work, then you have a case for a bug report, if not, its a language/system incompatibility with (most likley) that character being the cause. In which case, a support call with M$, as it is reported that LDAP servers reporting V3 compatibility should trigger the Java VM to convert your query to UTF-8.

If you have developer resources, Id suggest getting the Java source, remote socket debugging JIRA running the filter, to determine exactly 'what' the LDAP filter is being converted to by Java.

The RFC seems to indicate that escaping is possible with \04\02\48\69 format within the filter (unverified) you just need to know what the unicode value is for the character in question, I couldnt paste it into http://unicodelookup.com/(dont know why)

yep, my bet is that you have an LDAP v2 connection (even if AD seems to support both 2 and 3), which means the underlying (guessing oracle) ldap filter impl converts your multibyte characters to ISO-8859 (latin-1) which could explain what you see. LDAP v3 gets converted to UTF-8.

- http://www.docjar.com/html/api/com/sun/jndi/ldap/Filter.java.html