On 8/18/20 9:13 AM, Jan Tomasek wrote:
Hi Mark,
On 8/18/20 2:56 PM, Mark Reynolds wrote:
The best option would be config option to disable attribute
encryption for all databases but I failed to find if it is possible.
You have to delete each attribute that was configured for attribute
encryption (like what you did above, but you cna also use the CLI
tools):
https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/configuring_attribute_encryption#disabling_encryption_for_an_attribute_using_the_command_line
I didn't explicitly configure any attribute for encryption. But server
any way creates encryption keys.
When I try:
# dsconf cml3 backend attr-encrypt --list dc=cesnet,dc=cz
There are no encrypted attributes for this backend
Also:
# ldapsearch -H ldap://localhost -D "cn=Directory Manager" -W -LLL -o
ldif-wrap=no -b "cn=ldbm database,cn=plugins,cn=config"
"(objectClass=nsAttributeEncryption)"
Enter LDAP Password:
#
Looks like you are all good then...
_______________________________________________
389-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
--
389 Directory Server Development Team
_______________________________________________
389-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
