Re: Adding entries to cn=config

[Dieter Kluenter <dieter@dkluenter.de>]

Am Tue, 28 Sep 2010 11:12:32 +0200
schrieb "Angel L. Mateo" <amateo@um.es>:

> El 28/09/10 09:46, Buchan Milne escribió:
> > On Tuesday, 28 September 2010 07:58:00 Angel L. Mateo wrote:
> >> El 27/09/10 15:17, Buchan Milne escribió:
> >
> >>> The config database is for configuration, not for data (e.g.
> >>> users).
> >>
> >> 	I know it
> >
> > So then why do you ask how to create users there.
> >
> 	Because I want to create a (just one) user in cn=config.
> 
> >> 	. I just want to create a user for configuration and
> >> automation (of configuration) purposes. I'm trying to configure
> >> slapd from a configuration system like puppet, so I need a user
> >> for ldap operations (instead of this I could configure slapd
> >> managing files directly, but I prefer ldap commands). Because of I
> >> want to make configuration previous to the creation of databases,
> >> I would like that user to be directly in cn=config database.
> >
> > Well, there may be other possible solutions to your *real* problem,
> > but it seems you aren't open to anything besides "creating users
> > under cn=config", it is difficult to help.
> >
> 	I don't know why you said this. I'm open to any solution that
> adjust with my problem. I don't like to create user in other
> databases, because I want to use the user before creating any
> database (I need it for a ldap deployment and configuration tool).

cn=config is NOT a user database, but only a configuration database.
As is with all databases you may define a rootdn, but that is all. If
you want to allow write access to cn=config to any other user, you may
create appropriate access rules which allow defined users or network
devices write access.

-Dieter  

-- 
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de 
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6