[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Base64 Attribute Encryption

Am 08.11.2011 21:48, schrieb Scot Hollingsworth:
> Hi.
> I'm upgrading from RHEL 5 to RHEL 6.
> I'm having no problem in RHEL 5.  
> In RHEL 6 I'm using openldap-2.4.23-15.el6_1.3.x86_64.
> I have the master/slave setup and working.  
> Now, I use ldapmodify to edit an entry and instead of plain text, I getting the attribute as base64.
> I don't want this.  I'm looking everyone but haven't found where to disable this.  
> Anyone know?
> Thanks.
> Scot
> This message may contain confidential and/or proprietary
> information, and is intended for the person/entity to
> whom it was originally addressed. Any use by others is
> strictly prohibited.


base64 is not an encryption. Attributes that can not be represented as
text are returned as a base64 string. This also applies for
'userPassword', since the attribute type is "octed string". You can
usually identify base64 encoded attributes by a double colon (::) after
the attribute name. For example:

   foo:: YmFyCg==

instead of

   foo: bar

To my current knowledge, this behavior can not be disabled.

Christian Manal