[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP browsers and cn=config

To: Gervase Markham <gerv@mozilla.org>
Subject: Re: LDAP browsers and cn=config
From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
Date: Mon, 7 Mar 2011 18:56:07 +0000
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <4D75155B.6020901@mozilla.org>
References: <4D75155B.6020901@mozilla.org>
User-agent: Mutt/1.5.20 (2009-06-14)

On Mon, Mar 07, 2011 at 05:26:51PM +0000, Gervase Markham wrote:

> How does one use an LDAP browser to view and change the cn=config config?
> 
> I am using the OpenLDAP 2.4.23 package from Ubuntu 10.10, and have
> been using both "luma" and more recently ApacheDS. I have tried an
> enormous number of ways all afternoon, but feel I'm stumbling in the
> dark. Do I have to use a special bind DN and password, or should the
> RootDN and password for my normal data do? If it's special, what is
> it? Where is it configured?

Most browsers treat the schema DN as a special case. In Apache
Directory Studio, right-click on the LDAP connection and select 'open
schema browser'. jXplorer has the schema in a separate panel/tab.

> I can view the data using ldapsearch, as root:
> 
>   ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config

You should normally be able to view schema when bound anonymously.

For permission to change it through LDAP, maybe you should be looking
at ACLs rather than rootDN?

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

References:
- LDAP browsers and cn=config
  - From: Gervase Markham <gerv@mozilla.org>

Prev by Date: Re: LDAP browsers and cn=config
Next by Date: Re: execve problem with back-shell
Index(es):
- Chronological
- Thread