[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Base64 Attribute Encryption

To: openldap-technical@openldap.org
Subject: Re: Base64 Attribute Encryption
From: Christian Manal <moenoel@informatik.uni-bremen.de>
Date: Wed, 09 Nov 2011 14:15:47 +0100
In-reply-to: <7807_1320785286_4EB99586_7807_5385258_1_79FABB49-DE90-41FE-B4A7-7536C9ED116D@rcsd.ms>
References: <7807_1320785286_4EB99586_7807_5385258_1_79FABB49-DE90-41FE-B4A7-7536C9ED116D@rcsd.ms>
User-agent: Mozilla/5.0 (X11; Linux i686; rv:5.0) Gecko/20110805 Icedove/5.0

Am 08.11.2011 21:48, schrieb Scot Hollingsworth:
> Hi.
> 
> I'm upgrading from RHEL 5 to RHEL 6.
> I'm having no problem in RHEL 5.  
> 
> In RHEL 6 I'm using openldap-2.4.23-15.el6_1.3.x86_64.
> I have the master/slave setup and working.  
> 
> Now, I use ldapmodify to edit an entry and instead of plain text, I getting the attribute as base64.
> 
> I don't want this.  I'm looking everyone but haven't found where to disable this.  
> 
> Anyone know?
> 
> Thanks.
> 
> Scot
> This message may contain confidential and/or proprietary
> information, and is intended for the person/entity to
> whom it was originally addressed. Any use by others is
> strictly prohibited.
> 
> 


Hi,

base64 is not an encryption. Attributes that can not be represented as
text are returned as a base64 string. This also applies for
'userPassword', since the attribute type is "octed string". You can
usually identify base64 encoded attributes by a double colon (::) after
the attribute name. For example:

   foo:: YmFyCg==

instead of

   foo: bar

To my current knowledge, this behavior can not be disabled.


Regards,
Christian Manal

Follow-Ups:
- Re: Base64 Attribute Encryption
  - From: Scot Hollingsworth <scoth@rcsd.ms>

References:
- Base64 Attribute Encryption
  - From: Scot Hollingsworth <scoth@rcsd.ms>

Prev by Date: Re: Base64 Attribute Encryption
Next by Date: Re: Need help with failing test
Index(es):
- Chronological
- Thread