Returns the given distinguished name on a canonical form, so it
reliably can be used in comparisons for equality. This means
removing surplus whitespace, lowercasing attributes, normalizing
quoting in string attribute values, lowercasing the hex digits in
binary attribute values, and sorting the RDN parts separated by
"+".
The returned string follows RFC 2253. The input string may
use legacy LDAPv2 syntax and is treated according to section 4 in
RFC 2253.
If strict is set then errors will be thrown if the given DN is
syntactically invalid. Otherwise the invalid parts remain
untouched in the result.