Hi Mark,
On 8/18/20 2:56 PM, Mark Reynolds wrote:
>> The best option would be config option to disable attribute encryption
>> for all databases but I failed to find if it is possible.
>
> You have to delete each attribute that was configured for attribute
> encryption (like what you did above, but you cna also use the CLI tools):
>
> https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/configuring_attribute_encryption#disabling_encryption_for_an_attribute_using_the_command_line
I didn't explicitly configure any attribute for encryption. But server
any way creates encryption keys.
When I try:
# dsconf cml3 backend attr-encrypt --list dc=cesnet,dc=cz
There are no encrypted attributes for this backend
Also:
# ldapsearch -H ldap://localhost -D "cn=Directory Manager" -W -LLL -o
ldif-wrap=no -b "cn=ldbm database,cn=plugins,cn=config"
"(objectClass=nsAttributeEncryption)"
Enter LDAP Password:
#
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/
No comments:
Post a Comment