DN displayed as "hash" or something of that kind

Tagged: ,

This topic has 7 replies, 3 voices, and was last updated 5 years, 7 months ago by Bill Nelson.

  • Author
  • #13628


    While searching for all account under a given base, using ldapsearch, it appears that 8 out of 119 people have their DN displayed as something that I identify as a hash, does anyone have any idea why ?

    I’ve checked standard account and “hashed” displayed account and could not determine anything that might cause this.

    Here is the command I use for the search :

    /opt/opendj/bin/ldapsearch --countEntries -D "cn=Directory Manager" -w '******' -p *** -h localhost -b "ou=clients,dc=test,dc=com" -s sub objectclass=inetOrgPerson entryDN createTimestamp pwdChangedTime

    And here is one example of a classic display and the next one is “hashed” :

    dn: cn=Foo Bar foobar,ou=clients,dc=test,dc=com
    createTimestamp: 20161010123537Z
    pwdChangedTime: 20161011135129.473Z
    dn:: Y249QXVyw6lsaWUgUEFJTExPVVNTRSxvdT1Qcm9kLG91PUNHSSxvdT1jbGllbnRzLGRjPWVsb3F
    createTimestamp: 20161010123557Z
    pwdChangedTime: 20161010152723.501Z

    I tried to retrieve the “entryDN” attribute but this gives me the exact same behaviour….

    Any hints are welcome :)

    • This topic was modified 5 years, 7 months ago by pier.
     Bill Nelson

    That is not a hash, but is base64 encoded data. Note the two “::” in the attribute value pair.

    Data is base64 encoded when it has spaces or special characters in it. This is done by OpenDJ (or most LDAP servers) by default.

    • This reply was modified 5 years, 7 months ago by Bill Nelson.

    Pffff, so quick and clear bill, what would I do without you ;)
    I start feeling ashamed now.

    Thank you very much bill!


    Actually, this is mandated by the LDIF format (RFC 2849)… The DN above contains “cn=Aurélie…”, and the é is non an ASCII character (UTF-8).

     Bill Nelson

    Pffff, and now you know who I lean on, @pier. This guy!




    @bill-nelsonidentityfusion-com You’re too nice :)


    Thank to both of you for your valuable informations !

     Bill Nelson

    You are very welcome, @pier.

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?