[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Changing rootdn password while it's in the db (not in slapd.conf)?

On 2/8/07, Howard Chu <hyc@symas.com> wrote:
m h wrote:
> I'll answer my own question!
> On 2/8/07, m h <sesquile@gmail.com> wrote:
>> So, now back to my original issue.  Updating the rootdn password.
>> When I try the following it fails::
>>  ldappasswd -x -v -S -w secret -D cn=Manager,dc=example,dc=com
>> cn=Manager,dc=example,dc=com
>> New password:
>> Re-enter new password:
>> ldap_initialize( <DEFAULT> )
>> Result: Insufficient access (50)
> You silly person!  You haven't set any ACLs!  If you would have read
> here [1]
> you would see how to create a group and set acl's in the slapd.conf file.

More to the point, you should not have deleted your rootdn from slapd.conf,
only the rootpw. The rootdn directive is what tells slapd that a particular
DN should be treated as the administrator. If you don't need an administrator
identity, then you should of course delete the rootdn config. But if you *do*
need one (and for 99.99% of deployments, you need one) then you should keep
the rootdn defined.

Good to know that. Thanks!