[Date Prev][Date Next]
Re: (ITS#5690) cn=config cannot be rootdn
--On Tuesday, September 09, 2008 4:52 PM +0000 email@example.com wrote:
> Quanah Gibson-Mount wrote:
>> --On Tuesday, September 09, 2008 10:10 AM +0000 firstname.lastname@example.org wrote:
>>> email@example.com wrote:
>>>> In OpenLDAP 2.3, it was possible to set the rootdn of the main database
>>>> to be cn=config. This no longer works in OpenLDAP 2.4, but seems like
>>>> it should be valid to me.
>>>> cn=config is *clearly* under ""
>>> No, cn=config is *clearly* under cn=config, which comes earlier than "".
>>> But then you don't need to set rootpw.
>> Ah, I see. So this is more just a behavior change between 2.3 and 2.4.
> Well, I don't think they changed that much. If you expose cn=config
> then any DN in that namespace will belong to the back-config; if you
> don't expose it, then it will belong to "". I think you weren't using
> the same slapd.conf with 2.3 and 2.4, if you noticed a different behavior.
Hm, you're right, I mixed parts of a stock 2.4 slapd.conf with my 2.3
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration