[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5690) cn=config cannot be rootdn

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5690) cn=config cannot be rootdn
From: ando@sys-net.it
Date: Tue, 9 Sep 2008 10:10:26 GMT

quanah@zimbra.com wrote:

> In OpenLDAP 2.3, it was possible to set the rootdn of the main database to be
> cn=config.  This no longer works in OpenLDAP 2.4, but seems like it should be
> valid to me.

...

> cn=config is *clearly* under ""

No, cn=config is *clearly* under cn=config, which comes earlier than "". 
  As such, auth'ing as cn=config will be intercepted by back-config, 
hence the config error.

> and changing it to "cn=config,dc=junk" works. 
> So it's specific to the term "cn=config".  Changing it to "cn=joe" works just
> fine.  It also doesn't seem to care that I use "cn=config" with back-monitor...

But then you don't need to set rootpw.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------

Prev by Date: Re: (ITS#5656) Bind operations with translucent overlay
Next by Date: (ITS#5691) malloc withou check
Index(es):
- Chronological
- Thread