Clear Password Storage Scheme

Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.

The Clear Password Storage Scheme provides a mechanism for storing user passwords in clear text, without any form of obfuscation.

NOTE: The Clear Password Storage Scheme is considered insecure and is not recommended for use in production deployments unless you are migrating data that contains password encoded in this format. In such cases, it is highly recommended that it also be configured as a deprecated password storage scheme in all relevant password policies so that users with passwords encoded in this format will automatically have those passwords re-encoded whenever they use them to authenticate to the server.
This scheme contains only an implementation for the user password syntax, with a storage scheme name of "CLEAR". The Clear Password Storage Scheme should only be used if there are client applications that specifically require this capability.

Parent Component Properties dsconfig Usage

Parent Component

The Clear Password Storage Scheme component inherits from the Password Storage Scheme

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
 description  None
 enabled

Basic Properties

description

Description
A description for this Password Storage Scheme
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

enabled

Description
Indicates whether the Clear Password Storage Scheme is enabled for use.
Default Value
None
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
This Clear Password Storage Scheme scheme is considered insecure and is not recommended for use in production deployments unless you are migrating data that contains password encoded in this format. In such cases, it is highly recommended that it also be configured as a deprecated password storage scheme in all relevant password policies so that users with passwords encoded in this format will automatically have those passwords re-encoded whenever they use them to authenticate to the server.


dsconfig Usage

To list the configured Password Storage Schemes:

dsconfig list-password-storage-schemes
     [--property {propertyName}] ...

To view the configuration for an existing Password Storage Scheme:

dsconfig get-password-storage-scheme-prop
     --scheme-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Password Storage Scheme:

dsconfig set-password-storage-scheme-prop
     --scheme-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...