Re: Clarification on OpenLDAP Usage Configuration file for SLAPD (ITS#390)

[David J N Begley <david@avarice.nepean.uws.edu.au>]

Earlier today, BalbirS@NIIT.com wrote:

> The  configuration file for SLAPD  has the following
> structure
> 
>      database ldbm
>      suffix "dc=<MY-DOMAIN>, dc=<COM>"
>      rootdn "cn=Manager, dc=<MY-DOMAIN>, dc=<COM>"

You had this in your previous message:

  suffix "dc=your-domain, dc=com"
  rootdn "cn=root, dc=your-domain, dc=com"

That's a different rootdn.

>      rootpw secret
> 
> We  want to know in the above configuration file what are
> these attributes stand for ?
> 		<MY-DOMAIN>
> 		<COM>

You're kidding, right?  :-(

In your case, the domain is "niit.com" so instead of:

  dc=<MY-DOMAIN>, dc=<COM>

you would use:

  dc=niit, dc=com

> 		rootdn

The directory administrator DN (distinguished name) for this
database/suffix;  the rootdn is "not subject to access control or
administrative limit restrictions for operations on this database".

See:

http://www.umich.edu/~dirsvcs/ldap/doc/guides/slapd/5.html#RTFToC20

> 		rootpw

"This option specifies a password for the DN given above that will always
work, regardless of whether an entry with the given DN exists or has a
password."

See:

http://www.umich.edu/~dirsvcs/ldap/doc/guides/slapd/5.html#RTFToC20

> 		cn

"cn" is "common name", one of the X.500/LDAP attribute types.

> 		Is rootpw mean the password of the root in Sun Solaris OS
> 5.7?

No.

> 		Pl. explain us in detail so that it will be helpful for us

Browse through this section of the OpenLDAP FAQ-O-Matic:

  http://www.openldap.org/faq/data/cache/3.html

in order to get a basic understanding of LDAP before launching into the
establishment of LDAP services;  simply firing up an LDAP server doesn't work,
it's not a solution in itself but a tool for building solutions.

Cheers..


dave