[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL Problem

To: openldap-technical@openldap.org
Subject: Re: ACL Problem
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Fri, 23 Dec 2011 11:50:34 +0200
Cc: Selcuk Yazar <selcuk.yazar@gmail.com>
In-reply-to: <CACBG-R0aj72u6MzdO5p6Ae-5iJmA9jraxXfJnyjmGptLu=bjtA@mail.gmail.com>
References: <CACBG-R0S-b-1kydp-fPmH29U6Tvyw5-HEKBrKARHE7+FRg1DLQ@mail.gmail.com> <20111222131008.3dc336b3@violet.avci.de> <CACBG-R0aj72u6MzdO5p6Ae-5iJmA9jraxXfJnyjmGptLu=bjtA@mail.gmail.com>
User-agent: KMail/1.13.7 (Linux/2.6.38.8-desktop-4.mga; KDE/4.6.5; x86_64; ; )

On Friday, 23 December 2011 11:05:17 Selcuk Yazar wrote:
> My problem is about Redhat :(

No.

OpenLDAP supports a new configuration method. It seems you haven't read any 
documentation about it.

RHEL6 defaults to using this configuration method, but you don't *have* to use 
it.

> 
> if I wantto apply slapd.conf changes, i must run
> 
> /bin/rm -rf /etc/openldap/slapd.d/*
> 

If at this point you restart slapd, it will just use slapd.conf ...

> /usr/sbin/slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d

But this step is supposed to be a one-time conversion, assuming you have a 
'database config' statement, which has a 'rootpw' option, you should be able 
to edit your configuration and have changes applied immediately, without 
restarting slapd, by using e.g. ldapmodify (or any GUI tool) by modifying the 
entries under cn=config.

Please at least read 'man slapd-config' rather than continuing. Either edit 
slapd.conf, and don't use cn=config, or only use cn=config, and never edit 
configuration files.

Regards,
Buchan

References:
- ACL Problem
  - From: Selcuk Yazar <selcuk.yazar@gmail.com>
- Re: ACL Problem
  - From: Dieter KlÃnter <dieter@dkluenter.de>
- Re: ACL Problem
  - From: Selcuk Yazar <selcuk.yazar@gmail.com>

Prev by Date: AW: password-policy configuration problems: cannot change passwords
Next by Date: Issue with index in OpenLDAP?
Index(es):
- Chronological
- Thread