[Date Prev][Date Next] [Chronological] [Thread] [Top]

FW: access to * by * write (stil I can't delete the root dn)

	I'm pretty new at OpenLDAP and Linux in general, but if I understand
what you're trying to do, it would seem that what you would need to do is -

1) Make sure slapd is not running, and that the database folder is purged
2) Edit the slapd.conf file to reflect your new root dn
3) Start slapd, which should create a fresh BDB database
4) Use a text editor with good search and replace capabilities to edit your
ldif dump of your old database to reflect the new root dn
5) Import the edited ldif file

	Of course, I could be confused about what you are trying to do.

-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of jay alvarez
Sent: Wednesday, June 22, 2005 4:22 AM
To: openldap-software@OpenLDAP.org
Subject: access to * by * write (stil I can't delete the root dn)

  Before I only have one problem, that is, no matter
how I authenticate to openldap e.g; using gssapi or
just with a -x option, I still cannot delete my root
dn. It says insufficient privilege. What I wanted to
do is to change the my root dn name. I would like it
to be changed from dc=camlann,dc=pregi,dc=net to
dc=preginet. I can delete all but the root dn. So what
I did was to just delete the whole openldap-data
directory and create another one. Now I have two
problems, slapd won't start. And even if it did, I
cannot add any ldif entry because of the error object
not found. Looking at the debug.log, bdb seems to be
looking for some sort of check point(I can see some
lines containing the old root
dn-dc=camlann,dc=pregi,dc=net). Forgive me for asking
this question here for this might be a bdb question
and not openldap specific, but it just crossed my mind
that there might be some bdb library calls being
created by openldap, and if this is the case, I will
leave this question to openldap programmers.

I've read some berkeley db and seen some notes like
this one regarding locking or some sort of log
checkpoints, but I don't know if it has something to
do with my problem. 

"When designing applications that will use the log
subsystem, it is important to remember that the
application is responsible for providing any necessary
structure to the log record. For example, the
application must understand what part of the log
record is an operation code, what part identifies the
file being modified, what part is redo information,
and what part is undo information.... and many more"

Sorry I cannot give you the debug.log because I have
emptied it. I have repeated the process but it didn't
gave me the same log message as before. As I have told
you before, slapd won't even start giving some useful
log messages but now I can make it start, only I can't
do anything when it is started.

I hope you can help me
Thank you very much.

Yahoo! Sports 
Rekindle the Rivalries. Sign up for Fantasy Football