[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Monitor Backend

> Hi,
> I'm using OpenLDAP-2.1.3 and i have added a "database monitor"
> directive to my slapd.conf, which works fine. But when adding a rootdn
> and rootpw directive, slapd complains with "rootpw can only
> be set when rootdn is under suffix", but the README says:
> -.-.-.-.-.-.-.--.-.-.-.-.-.-.-.-.-.-.-.-
>  the backend supports the rootdn/rootpw
> directives (only simple bind at present).
> -.--.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
> and
> -.-.-.-.-.-.--.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
> The suffix "cn=Monitor" is implicitly activated (it cannot be given  as
> a suffix of the database as usually done for conventional
> backends).
> -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
> How can i bind to the backend, as i dont't want world read access.

Dunno about 2.1.3, didn't go that far; with 2.1.10/HEAD
it works fine:

database monitor
rootdn  "cn=administrator,cn=monitor"
rootpw  secret

BTW, note that you don't need to use the rootdn to protect
your monitor backend; sinte it supports regular ACL, you can
add "access" directives that refer to entries in other
databases (assuming your configuration includes other databases).


Pierangelo Masarati