[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Directory Manager (cn=config) ACLs

On Wednesday, 1 February 2012 21:52:56 Andy Carlson wrote:
> Are there any ACLs that control what cn=directory manager,cn=config can
> modify or is it a LDAP superuser sort-of account?  I only ask because I
> want to blow away my ACLs (olcAccess attributes in olcDatabase={2}bdb) and
> re-add updated ones them (I know it sounds silly, but I have valid reasons
> for doing this) and I want to make sure that I can still make these
> modifications as this directory manager even if I have no ACLs.  Thanks,

The DN that is rootdn of cn=config, will always be able to modify everything 
under cn=config, regardless of ACLs.