On 03/23/2012 11:37 AM, Nick Milas wrote:
23/3/2012 11:44 ÏÎ, stefano wrote:
Do i have to specify it or the
administrator has the access right to every attribute?
"Regardless of what access control policy is defined, the rootdn
is always allowed full rights (i.e. auth, search, compare, read
and write) on everything and anything.
As a consequence, it's useless (and results in a performance
penalty) to explicitly list the rootdn among the <by>