dxsearch returnes encrypted values
search cancel

dxsearch returnes encrypted values


Article ID: 203912


Updated On:


CA Directory


Why dxsearch command returns encrypted values like this:

$ dxsearch -h -p 1389 "(uid=V*)"
# extended LDIF
# LDAPv3
# base <> with scope subtree
# filter: (uid=V*)
# requesting: ALL

# Vo\C3\[email protected], ldap_demo_unit, ldap_demo, au
dn:: dWlkPVZvw59AZGVtb2NvcnAuY29tLG91PWxkYXBfZGVtb191bml0LG89bGRhcF9kZW1vLGM9Y
uid:: Vm/Dn0BkZW1vY29ycC5jb20=
cn:: Vm/Dn0BkZW1vY29ycC5jb20=
objectClass: top
objectClass: inetOrgPerson
objectClass: person
sn:: Vm/Dn0BkZW1vY29ycC5jb20=

# search result
# search: 2
# result: 0 Success

# numResponses: 2
# numEntries: 1


Release : 12.x, 14.x

Component : DIRECTORY


Returned value contains non-ASCII characters


What you see in the output from dxsearch (or ldapsearch) command is not encrypted, it's BASE64 encoded.

dxsearch command returns search result in LDIF format.
Please see this RFC doc for LDIF details: https://tools.ietf.org/html/rfc2849

In LDIF double colon after attribute name indicates that the attribute value is BASE64 encoded.
You can decode such values using any BASE64 tool.
For instance, on linux you can use this command:

echo <BASE64 encoded text> | base64 -d

The reason to encode a value using BASE64 is that the value contains symbols other than ASCII.
All information in LDIF is supposed to be in ASCII.