[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6834) Conversion to cn=config needs more detail

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#6834) Conversion to cn=config needs more detail
From: andrew.findlay@skills-1st.co.uk
Date: Thu, 17 Feb 2011 10:02:23 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

On Wed, Feb 16, 2011 at 03:44:28PM -0800, Howard Chu wrote:

> >It would also be useful to copy the config database clause from
> >slapd-config(5) into the example in the Admin Guide:
> >
> >               # set a rootpw for the config database so we can bind.
> >               # deny access to everyone else.
> >               dn: olcDatabase=config,cn=config
> >               objectClass: olcDatabaseConfig
> >               olcDatabase: config
> >               olcRootPW: {SSHA}XKYnrjvGT3wZFQrDD5040US592LxsdLy
> >               olcAccess: to * by * none
> 
> That ACL is already the default. In an isolated example there's no
> need to specify it. (It is present in the slapd-config(5) example to
> ensure that it takes precedence over the olcFrontendConfig ACLs
> immediately above it.)

I was suggesting the inclusion of this entry mainly because of the
olcRootPW, but as it would go into the config example in section 5.3 at
about line 20, surely the ACL should be present for the same reason that
it is in the manpage example?

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

Prev by Date: Re: (ITS#6115) gdi32.lib required by OpenSSL+Windows
Next by Date: (ITS#6836) Conversion to cn=config needs more detail
Index(es):
- Chronological
- Thread