The DXpassword tool has been expanded to produce obfuscated passwords, by specifying the new encryption method CADIR. This helps shield passwords in configuration files from users with access to the computer running the DSA.
Previously, the dsa-password and ldap-dsa-password attributes could only be specified as clear-text in the DSA knowledge file.
Now, you can use the DXpassword tool with the new CADIR option to encrypt the password, and include the hash in the knowledge file. This prevents people with access to the operating system from being able to read the passwords in the knowledge file and gaining unauthorized access the LDAP server.
Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |