[Date Prev][Date Next]
Re: Securing cn=config
Michael Ströder wrote:
> Peter Mogensen wrote:
> > The FAQ says that in slapd 2.4 cn=config respects ACLs, but I can't
> > even limit auth against the rootdn with an ACL.
> Binding as rootdn always circumvents all ACLs.
It usually works not set "rootpw", but create a real object for the
rootdn and limit auth priviledged to it.
But I can't get it to work with cn=config.
My usually trick don't work, since I can't find a structural objectclass
for the object, since schemas are not loaded when slapd reads the
cn=config slapd.d directory.