Igor Shmukler wrote:
If there is no way to grant access to all records across all databases to cn=config [because it is not a user], I would go for having a [different] user who can delete records in multiple DITs[, by invoking LDAPI or whatever].
You should really analyze this example configuration: https://build.opensuse.org/package/view_file/home:stroeder:branches:network:ldap/openldap2/slapd.conf.example?expand=1 Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature