Re: Base64 Attribute Encryption

[Scot Hollingsworth <scoth@rcsd.ms>]

Here is an update .
I grabbed the data from a python script.
Correct the data is stored in plain text.

However, I did notice that a space was at the end of the text.
I removed the space at the end and now the ldapsearch shows the plain text.

Thanks ..

Scot

On Nov 9, 2011, at 7:15 AM, Christian Manal wrote:

> Am 08.11.2011 21:48, schrieb Scot Hollingsworth:
>> Hi.
>> 
>> I'm upgrading from RHEL 5 to RHEL 6.
>> I'm having no problem in RHEL 5.  
>> 
>> In RHEL 6 I'm using openldap-2.4.23-15.el6_1.3.x86_64.
>> I have the master/slave setup and working.  
>> 
>> Now, I use ldapmodify to edit an entry and instead of plain text, I getting the attribute as base64.
>> 
>> I don't want this.  I'm looking everyone but haven't found where to disable this.  
>> 
>> Anyone know?
>> 
>> Thanks.
>> 
>> Scot
>> This message may contain confidential and/or proprietary
>> information, and is intended for the person/entity to
>> whom it was originally addressed. Any use by others is
>> strictly prohibited.
>> 
>> 
> 
> 
> Hi,
> 
> base64 is not an encryption. Attributes that can not be represented as
> text are returned as a base64 string. This also applies for
> 'userPassword', since the attribute type is "octed string". You can
> usually identify base64 encoded attributes by a double colon (::) after
> the attribute name. For example:
> 
>   foo:: YmFyCg==
> 
> instead of
> 
>   foo: bar
> 
> To my current knowledge, this behavior can not be disabled.
> 
> 
> Regards,
> Christian Manal
> 


This message may contain confidential and/or proprietary
information, and is intended for the person/entity to
whom it was originally addressed. Any use by others is
strictly prohibited.