<div class="gmail_quote"><br>Hi <br><br>we have a need for 389 directory to store password in clear text, in given subtree. I have used the console to configure password policy and chose CLEAR for the encryption scheme under passwordStorageScheme, yet the passwords are still SSHA encrypted. Is there any other thing that I should do.<br>

<br># entry-id: 11<br>dn: cn=users,cn=subscribers,dc=ourcompany,dc=com<br>objectClass: top<br>objectClass: nsContainer<br>cn: users<br><br># entry-id: 14<br>dn: cn=nsPwPolicyContainer,cn=users,cn=subscribers,dc=ourcompany,dc=com<br>

objectClass: nsContainer<br>objectClass: top<br>cn: nsPwPolicyContainer<br><br># entry-id: 15<br>dn: cn=cn\3DnsPwPolicyEntry\2Ccn\3Dusers\2Ccn\3Dsubscribers\2Cdc\3Dourcompany\2Cdc\<br> 3Dcom,cn=nsPwPolicyContainer,cn=users,cn=subscribers,dc=ourcompany,dc=com<br>

objectClass: ldapsubentry<br>objectClass: passwordpolicy<br>objectClass: top<br>cn: cn=nsPwPolicyEntry,cn=users,cn=subscribers,dc=ourcompany,dc=com<br>passwordMustChange: off<br>passwordExp: off<br>passwordHistory: on<br>

passwordMinAge: 0<br>passwordChange: off<br>passwordStorageScheme: clear<br>passwordInHistory: 3<br>passwordLockout: on<br>passwordLockoutDuration: 21600<br>passwordResetFailureCount: 1800<br>passwordUnlock: on<br>passwordMaxFailure: 3<br>

<br># entry-id: 16<br>dn: cn=cn\3DnsPwTemplateEntry\2Ccn\3Dusers\2Ccn\3Dsubscribers\2Cdc\3Dourcompany\2Cd<br> c\3Dcom,cn=nsPwPolicyContainer,cn=users,cn=subscribers,dc=ourcompany,dc=com<br>objectClass: extensibleObject<br>

objectClass: costemplate<br>objectClass: ldapsubentry<br>objectClass: top<br>cosPriority: 1<br>pwdpolicysubentry: cn=cn\3DnsPwPolicyEntry\2Ccn\3Dusers\2Ccn\3Dsubscribers\2Cdc\3<br> Dourcompany\2Cdc\3Dcom,cn=nsPwPolicyContainer,cn=users,cn=subscribers,dc=ourcompany<br>

 ,dc=com<br>cn: cn=nsPwTemplateEntry,cn=users,cn=subscribers,dc=ourcompany,dc=com<br><br># entry-id: 17<br>dn: cn=nsPwPolicy_CoS,cn=users,cn=subscribers,dc=ourcompany,dc=com<br>objectClass: ldapsubentry<br>objectClass: cosSuperDefinition<br>

objectClass: cosPointerDefinition<br>objectClass: top<br>costemplatedn: cn=cn\3DnsPwTemplateEntry\2Ccn\3Dusers\2Ccn\3Dsubscribers\2Cdc\3Do<br> urcompany\2Cdc\3Dcom,cn=nsPwPolicyContainer,cn=users,cn=subscribers,dc=ourcompany,d<br>

 c=com<br>cosAttribute: pwdpolicysubentry default operational-default<br>cn: nsPwPolicy_CoS<br><br># entry-id: 18<br>dn: uid=testuser,cn=users,cn=subscribers,dc=ourcompany,dc=com<br>givenName: U-da-man<br>uidNumber: 501<br>

gidNumber: 501<br>objectClass: top<br>objectClass: person<br>objectClass: organizationalPerson<br>objectClass: inetorgperson<br>objectClass: account<br>objectClass: radiusprofile<br>uid: testuser<br>userPassword: {SSHA}HBk8h1pkgsUocxUgPF+HNeuHF1LgYaI99co6Aw==<br>

radiusFramedMTU: 1400<br>radiusGroupName: local<br>radiusHuntgroupName: <a href="http://vpn.ourcompany.com" target="_blank">vpn.ourcompany.com</a><br>radiusRealm: <a href="http://vpn.ourcompany.com" target="_blank">vpn.ourcompany.com</a><br>
radiusServiceType: Framed-User<br>
radiusFilterId: std.ppp<br>passwordGraceUserTime: 0<br>dialupAccess: yes<br><br>There is also an attribute pwdpolicysubentry: cn=cn\3DnsPwPolicyEntry\2Ccn\3Dusers\2Ccn\3Daccounts\2Cdc\3Dourcompany\2Cdc\3Dcom,cn=nsPwPolicyContainer,cn=users,cn=accounts,dc=ourcompany,dc=com <br>

that shows up in the testuser&#39;s profile from the console that does not show up in the ldif dump.<br><br>Please help I have followed the documentation Redhat directory 8.2<br><br>thanks<br><br>
</div><br>