[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Changing rootdn password while it's in the db (not in slapd.conf)?

On Thursday 08 February 2007, m h wrote:
> Hello-
> Thanks to the help of Michael and others I was able to migrate
> dn user from slapd.conf to the database.

Well, you didn't migrate the root dn user into the database. You *removed* the 

> (BTW should I file a bug for 
> bad documentation on example from 7.1 from [1]?)

Considering 2.2 is unsupported, no, and I don't see any problem with the 
documentation. It doesn't claim to cover anything related. You could however 
submit a patch to the documentation that improves the situation.

> Here's how I did it (for the curious and benefit of future
> users/searchers)::


> stop ldap
> comment out "rootdn" and "rootpw" from slapd.conf

That removed your root dn. So, there is no "user" or DN that has privileged 
access to the database. So, all ACLs and limits need to be explicitly set.

If you were really migrating your "root dn" to the database, you would leave 
rootdn uncommented in the slapd.conf.


Buchan Milne
ISP Systems Specialist - Monitoring/Authentication Team Leader

Attachment: pgpCwVtdIyjVn.pgp
Description: PGP signature