Using command line
You can issue the command provided here to encrypt an attribute, for example the uid attribute, using the AES encryption scheme.
About this task
ldapmodify -D <adminDN> -w <adminPW>
dn: cn=schema
changetype: modify
replace: attributetypes
attributetypes: ( 0.9.2342.19200300.100.1.1 NAME 'uid' DESC 'Typically a user
  shortname or userid.'
  EQUALITY 1.3.6.1.4.1.1466.109.114.2 ORDERING 2.5.13.3 SUBSTR 2.5.13.4
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE userApplications )
-
replace: IBMAttributetypes
IBMAttributetypes: ( 0.9.2342.19200300.100.1.1 DBNAME( 'uid' 'uid' )
  ACCESS-CLASS normal LENGTH 256 EQUALITY ORDERING SUBSTR APPROX
  ENCRYPT AES256 SECURE-CONNECTION-REQUIRED RETURN-VALUE encrypted )
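To confirm the change took effect, the IBMAttributetypes values in a schema dump can be checked for the ENCRYPT, SECURE-CONNECTION-REQUIRED and RETURN-VALUE keywords set above. The following is an added example, not part of the product documentation; it assumes the cn=schema entry has been saved as LDIF text, and the function names and the unencrypted cn value in the sample are constructed for illustration.

```python
import re

# Constructed sample of a cn=schema dump in LDIF. The first value is the one
# set on this page; the second (cn, not encrypted) is made up for contrast.
SAMPLE_LDIF = """\
dn: cn=schema
IBMAttributetypes: ( 0.9.2342.19200300.100.1.1 DBNAME( 'uid' 'uid' )
  ACCESS-CLASS normal LENGTH 256 EQUALITY ORDERING SUBSTR APPROX
  ENCRYPT AES256 SECURE-CONNECTION-REQUIRED RETURN-VALUE encrypted )
IBMAttributetypes: ( 2.5.4.3 DBNAME( 'cn' 'cn' )
  ACCESS-CLASS normal LENGTH 256 EQUALITY ORDERING SUBSTR APPROX )
"""

def unfold(ldif):
    """Join LDIF continuation lines (a line break followed by one space)."""
    return re.sub(r"\r?\n ", "", ldif)

def encryption_settings(ldif):
    """Return {oid: settings} for every IBMAttributetypes value in the dump."""
    settings = {}
    for line in unfold(ldif).splitlines():
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "ibmattributetypes":
            continue
        oid = re.match(r"\s*\(\s*([0-9.]+)", value)
        if not oid:
            continue
        enc = re.search(r"\bENCRYPT\s+([^\s)]+)", value)
        ret = re.search(r"\bRETURN-VALUE\s+([^\s)]+)", value)
        settings[oid.group(1)] = {
            "encrypt": enc.group(1) if enc else None,
            "secure_connection_required":
                re.search(r"\bSECURE-CONNECTION-REQUIRED\b", value) is not None,
            "return_value": ret.group(1) if ret else None,
        }
    return settings

def not_encrypted(ldif, expected_oids):
    """OIDs from expected_oids that are missing or carry no ENCRYPT keyword."""
    found = encryption_settings(ldif)
    return [o for o in expected_oids
            if o not in found or found[o]["encrypt"] is None]

if __name__ == "__main__":
    for oid, s in encryption_settings(SAMPLE_LDIF).items():
        print(oid, s)
    print("not encrypted:", not_encrypted(
        SAMPLE_LDIF, ["0.9.2342.19200300.100.1.1", "2.5.4.3"]))
```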