Where is the password data of Endpoint configuration stored and what is the algorithm being used to encrypt?

Article ID: 188624

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

How does Identity Manager or Provisioning Server encrypt the password data in an Oracle (or DB2, MS SQL) Endpoint configuration, and where is it stored?

For example, here is the capture of Oracle Endpoint configuration in Provisioning Manager. The password data is marked with a red square below.

Environment

Release : 14.x

Component : IdentityMinder(Identity Manager)

Resolution

The password data of the Endpoint configuration is encrypted in the Provisioning Directory using AES (https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) when FIPS is enabled. For example, for the Oracle Server Endpoint configuration, the password data is stored in the eTORADirectoryPWD attribute of the following DN:

eTORADirectoryName=,eTNamespaceName=Oracle Server,dc=im,DC=etadb



It is similar for the DB2 and Microsoft SQL connectors/namespaces.
