...in my directory ? Or is this just a "virtual" entry that exists for binding/authentication ? Best practice ?
I've got identical DITs loaded via the same LDIF file into both OpenLDAP 2.0.7 and Netscape Directory Server 4.1. Both are suffixed at entry "dn: dc=xyx,dc=com" and do not include an explicit entry for the rootDN.
Netscape directory server will allow a rootDN configuration of "cn=Directory Manager", but OpenLDAP does not seem to like this...it appears to insist that the root DN hang off the suffix as "cn=Directory Manager,dc=xyz,dc=com".
Sound familiar ?