[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6834) Conversion to cn=config needs more detail

On Wed, Feb 16, 2011 at 11:50:21AM +0000, Andrew Findlay wrote:

> Admin Guide Section 5.4. "Converting old style slapd.conf(5) file to cn=config
> format" suggests that it is enough to run a slapd tool with both -f and -F
> options to perform this conversion. While strictly true, this will almost
> certainly result in an un-manageable server because there is no rootPW set for
> cn=config.
> The attached patch provides guidance to avoid this trap.

It would also be useful to copy the config database clause from
slapd-config(5) into the example in the Admin Guide:

              # set a rootpw for the config database so we can bind.
              # deny access to everyone else.
              dn: olcDatabase=config,cn=config
              objectClass: olcDatabaseConfig
              olcDatabase: config
              olcRootPW: {SSHA}XKYnrjvGT3wZFQrDD5040US592LxsdLy
              olcAccess: to * by * none

|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |