[Date Prev][Date Next] [Chronological] [Thread] [Top]

rootpw ignored if userPassword exists

To: openldap-software@openldap.org
Subject: rootpw ignored if userPassword exists
From: Andreas Hasenack <ahasenack@terra.com.br>
Date: Fri, 15 Jun 2007 11:00:00 -0300
Content-disposition: inline
User-agent: Mutt/1.5.15 (2007-04-06)

I was just wondering if this is expected behaviour.

If rootdn happens to match an existing entry in the directory, and that
entry has a userPassword attribute, the rootpw value in slapd.conf is
ignored and userPassword is used instead.

I find this a bit unexpected. Suppose someone manages to create an entry
matching rootdn. Then this person would be able to become rootdn,
bypassing the rootpw setting in slapd.conf.

Follow-Ups:
- Re: rootpw ignored if userPassword exists
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: rootpw ignored if userPassword exists
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Checking authzTo case-sensitive
Next by Date: Re: Checking authzTo case-sensitive
Index(es):
- Chronological
- Thread