Symantec Directory : DXsearch returns encrypted values
search cancel

Symantec Directory : DXsearch returns encrypted values


Article ID: 203912


Updated On:


CA Directory


Why dxsearch command returns encrypted values like this:

$ dxsearch -h <ip address> -p 1389 "(uid=V*)"
# extended LDIF
# LDAPv3
# base <> with scope subtree
# filter: (uid=V*)
# requesting: ALL

# Vo\C3\9F@<domain>, ldap_demo_unit, ldap_demo, au
dn:: <BASE64 encoded data>
uid:: <BASE64 encoded data>
cn:: <BASE64 encoded data>
objectClass: top
objectClass: inetOrgPerson
objectClass: person
sn:: <BASE64 encoded data>

# search result
# search: 2
# result: 0 Success

# numResponses: 2
# numEntries: 1


Release : 12.x, 14.x

Component : DIRECTORY


Returned value contains non-ASCII characters


What you see in the output from dxsearch (or ldapsearch) command is not encrypted, it's BASE64 encoded.

dxsearch command returns search result in LDIF format.
Please see this RFC doc for LDIF details:

In LDIF double colon after the attribute name indicates that the attribute value is BASE64 encoded.

You can decode such values using any BASE64 tool.

For instance, on Linux you can use this command:

echo <BASE64 encoded text> | base64 -d

The reason to encode a value using BASE64 is that the value contains symbols other than ASCII.

All information in LDIF is supposed to be in ASCII.