Symantec Directory : DXsearch returns encrypted values
search cancel

Symantec Directory : DXsearch returns encrypted values

book

Article ID: 203912

calendar_today

Updated On:

Products

CA Directory

Issue/Introduction

Why dxsearch command returns encrypted values like this:

$ dxsearch -h <ip address> -p 1389 "(uid=V*)"
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (uid=V*)
# requesting: ALL
#

# Vo\C3\9F@<domain>, ldap_demo_unit, ldap_demo, au
dn:: <BASE64 encoded data>
uid:: <BASE64 encoded data>
cn:: <BASE64 encoded data>
objectClass: top
objectClass: inetOrgPerson
objectClass: person
sn:: <BASE64 encoded data>

# search result
# search: 2
# result: 0 Success

# numResponses: 2
# numEntries: 1
$

Environment

Release : 12.x, 14.x

Component : DIRECTORY

Cause

Returned value contains non-ASCII characters

Resolution

What you see in the output from dxsearch (or ldapsearch) command is not encrypted, it's BASE64 encoded.

dxsearch command returns search result in LDIF format.
Please see this RFC doc for LDIF details: https://tools.ietf.org/html/rfc2849

In LDIF double colon after the attribute name indicates that the attribute value is BASE64 encoded.

You can decode such values using any BASE64 tool.

For instance, on Linux you can use this command:

echo <BASE64 encoded text> | base64 -d

The reason to encode a value using BASE64 is that the value contains symbols other than ASCII.

All information in LDIF is supposed to be in ASCII.