[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Questions about the Monitor Backend

On 9 mai 09, at 10:47, Howard Chu wrote:

Thierry Lacoste wrote:
On 9 mai 09, at 08:06, Howard Chu wrote:

The admin guide says:
A monitor (slapd-monitor(5)) now needs a rootdn entry. If you do not
have one, slapd will fail to start up with an error message like so:

base="cn=databases,cn=monitor" scope=one

unable to find entry
            backend_startup_one: bi_db_open failed! (1)
slap_startup failed (test would succeed using the -u switch)

Am I the only one to not experience this? Or is it going to happen
somewhere in the 2.4 series?

If your default ACL allows general read access to cn=monitor, then you won't see any problems. If you define ACLs to restrict access to cn=monitor, then you'll need to define a rootdn.

Well I restrict acces and I have no rootdn and slapd works like a charm.

database monitor
access to dn.subtree="cn=monitor"
        by dn.exact="the_rootdn_of_my_main_database" write
	by * none

This ACL is working as expected.

I have nothing else in my slapd.conf regarding monitor (except "moduleload back_monitor").

FWIW this is slapd 2.4.16 on FreeBSD 6.4.