Hi Mark, On 8/18/20 2:56 PM, Mark Reynolds wrote:
The best option would be config option to disable attribute encryption for all databases but I failed to find if it is possible.You have to delete each attribute that was configured for attribute encryption (like what you did above, but you cna also use the CLI tools):https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/configuring_attribute_encryption#disabling_encryption_for_an_attribute_using_the_command_line
I didn't explicitly configure any attribute for encryption. But server any way creates encryption keys.
When I try: # dsconf cml3 backend attr-encrypt --list dc=cesnet,dc=cz There are no encrypted attributes for this backend Also:# ldapsearch -H ldap://localhost -D "cn=Directory Manager" -W -LLL -o ldif-wrap=no -b "cn=ldbm database,cn=plugins,cn=config" "(objectClass=nsAttributeEncryption)"
Enter LDAP Password: # -- ----------------------- Jan Tomasek aka Semik http://www.tomasek.cz/
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
