On 30.6.2016 15:30, opensauce . wrote:
> Hi All,
>
> I need to store user passwords with reverse encryption for an application.
>
> I know the AES plugin is enabled and available :
>
> # AES, Password Storage Schemes, plugins, config
> dn: cn=AES,cn=Password Storage Schemes,cn=plugins,cn=config
> cn: AES
> nsslapd-pluginDescription: AES storage scheme plugin
> nsslapd-pluginEnabled: on
> nsslapd-pluginId: aes-storage-scheme
> nsslapd-pluginInitfunc: aes_init
> nsslapd-pluginPath: libpbe-plugin
> nsslapd-pluginType: reverpwdstoragescheme
> nsslapd-pluginVendor: 389 Project
> nsslapd-pluginVersion: 1.3.4.0
> nsslapd-pluginarg0: nsmultiplexorcredentials
> nsslapd-pluginarg1: nsds5ReplicaCredentials
> nsslapd-pluginprecedence: 1
> objectClass: top
> objectClass: nsSlapdPlugin
> objectClass: extensibleObject
>
> How do I apply this plugin to the userPassword attribute of a single or
> multiple users?
Generally FreeIPA tries to hide passwords as much as possible even from admins
so this is not enabled by default. You might try to experiment using 389 DS
documentation [1] but there are no guarantees.
[1]
http://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/
--
Petr^2 Spacek
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
