I have several cases where ldapsearch is returning "garbled" attribute values:
In this case the mail and userPassword attribute values are incorrect. For example:
dn: uid=wang,ou=Users,dc=neteauto,dc=com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: IDMPerson mail:: V2hpdG5leS5ILldhbmdAZ3NrLmNvbSA= userPassword:: e1NIQX0vcHhuaEJyRHhDdmlKR1p0NUkyOXJ3VHBxV0E9
Notice the double colan (::) before the values. When this problem occurs there
is always a double colon by the attribute. When I view these from JXplorer the values are correct, but when I dump the
values using an ldapsearch or from JXplorer using an LDIF dump the values are incorrect. This problem also frequently occurs on users with accent characters.
The data is not not "garbled" just encoded. The values in your LDIF where a double colon "::" follows the attribute name means that the value is a Base64 encoded value.
The LDIF spec rfc2849 describes use of Base64 encoded values:
There are online Base64 Encoders/Decoders such as below that can be used to decode your attribute values:
After running these values through the decoder, you may find the values show that they all have a trailing whitespace and Per rfc2849, values or distinguished names that end with SPACE SHOULD be base-64 encoded. If your values have accent characters then they will also be Base64 encoded.