LDAP/AD password Encryption

Steps to enable LDAP/AD password Encryption

There are two files in which changes need to be done for the password encryption

  • server.xml and
  • dcma-encyption.properties available

The files are present at following location

  • Ephesoft\JavaAppServer\conf\server.xml
  • Ephesoft\Application\WEB-INF\classes\META-INF\dcma-user-connectivity\user-connectivity.properties


To enable password encryption for LDAP and AD following changes are needed.

  1. Change the className attribute in the <Realm … > tag in the server.xml
    By default the className attribute in the server.xml has the following value:
    <Realm className=”org.apache.catalina.realm.JNDIRealm“/>
    Change the value to the following:
    <Realm className=”com.ephesoft.realm.EphesoftRealm“/>
  2. Use an encrypted password for the connectionPassword attribute in the <Realm … > tag in the server.xml
    <Realm className=”com.ephesoft.realm.EphesoftRealm” connectionPassword = “mzoanUU1UD0rc1PvexuAKw==”/>
  3. Turn on the password.use_encryption property present in the dcma-encyption.properties available at :
  4. Use an encrypted password for the user.connectivity_password property in the dcma-userconnectivity.properties. user.connectivity_password=”mzoanUU1UD0rc1PvexuAKw==”
  5. Comment out this line using <!– before and –> after this line in the server.xml: <Realm className=”org.apache.catalina.realm.UserDatabaseRealm” resourceName=”UserDatabase”/> but be sure not to comment out the </Realm> on the next line as that closes a previous realm and not this one.

Password Encryption:

To encrypt the passwords the Encryptor.bat needs to be used available at the following location:

  • {Ephesoft-Installation-Directory}\Application\native\encryption\Encryptor.bat

On running the above .bat file, and it will ask for the password string that need to be encrypted.


The password string needs to be entered here and on pressing “Enter” the encrypted password is returned.


NOTE: The encryption algorithm and cipher strength being used by encryptor.bat from Ephesoft is PBEWithMD5AndDES (56 bits).