[Date Prev][Date Next]
Re: cn=Log,cn=Monitor (was: Open LDAP and SNMP)
> "Pierangelo Masarati" <firstname.lastname@example.org> writes:
>>> Pierangelo Masarati wrote:
>> I don't remenber if a rootdn/rootpw is honored by the
>> backend; however it'd be of little use; my usual strategy
>> is to add ACLs that allow regular users belonging to other
>> databases to operate on monitor entries. Note that
>> changing log level affects only syslog writings and not
>> debugging output as a design choice.
> rootdn/rootpw doesn't work as there ist no suffix declaration for this
actually, there is, but it is implicitly made
when the database is defined. In future devel,
we may have the suffix be set to a user defined
value, which is stored in monitorContext
in root DSE.
> but ACLs work fine.
I checked out, and rootdn/roopw work fine together
with ACLs; try
access to * by * none
and you'll see that only rootdn can monitor the system :)