On 9 mai 09, at 10:47, Howard Chu wrote:
Thierry Lacoste wrote:On 9 mai 09, at 08:06, Howard Chu wrote:The admin guide says: A monitor (slapd-monitor(5)) now needs a rootdn entry. If you do not have one, slapd will fail to start up with an error message like so: monitor_back_register_entry_attrs(""): base="cn=databases,cn=monitor" scope=one filter="(namingContexts:distinguishedNameMatch:=dc=example,dc=com)": unable to find entry backend_startup_one: bi_db_open failed! (1)slap_startup failed (test would succeed using the -u switch)Am I the only one to not experience this? Or is it going to happen somewhere in the 2.4 series?If your default ACL allows general read access to cn=monitor, then you won't see any problems. If you define ACLs to restrict access to cn=monitor, then you'll need to define a rootdn.
Well I restrict acces and I have no rootdn and slapd works like a charm.
database monitor
access to dn.subtree="cn=monitor"
by dn.exact="the_rootdn_of_my_main_database" write
by * none
This ACL is working as expected.
I have nothing else in my slapd.conf regarding monitor (except
"moduleload back_monitor").
FWIW this is slapd 2.4.16 on FreeBSD 6.4. Regards, Thierry