OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Documentation/6546
Full headers

From: bugs@mark.ziesemer.com
Subject: Default olcRootDN of "cn=config" should be documented
Compose comment
Download message
State:
0 replies:
1 followups: 1

Major security issue: yes  no

Notes:

Notification:


Date: Fri, 07 May 2010 14:22:49 +0000
From: bugs@mark.ziesemer.com
To: openldap-its@OpenLDAP.org
Subject: Default olcRootDN of "cn=config" should be documented
Full_Name: Mark A. Ziesemer
Version: 2.4.21
OS: Ubuntu Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2001:470:1f11:3ae:4d06:cdd1:50ce:9c64)


While using the "cn=config" configuration, I found that "cn=config" is also the
default olcRootDN.  By just configuring a olcRootPW , login to the config
database is possible using "cn=config" and the configured olcRootPW.  This
default should be documented in the admin guide, etc.

IRC user hyc on #openldap mentioned "it's been the default since 2005", but "I
can't find the reference either, perhaps we lost it."

Followup 1

Download message
Date: Tue, 18 May 2010 02:33:42 +0200 (CEST)
Subject: Re: (ITS#6546) Default olcRootDN of "cn=config" should be 
     documented
From: masarati@aero.polimi.it
To: bugs@mark.ziesemer.com
Cc: openldap-its@openldap.org
> While using the "cn=config" configuration, I found that "cn=config" is
> also the
> default olcRootDN.  By just configuring a olcRootPW , login to the config
> database is possible using "cn=config" and the configured olcRootPW.  This
> default should be documented in the admin guide, etc.

Fixed in HEAD's slapd-config(5); may be worth mentioning in the admin
guide as well.

Thanks, p.


Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org