
Re: "dn: cn=admin,cn=config" adding problem



On Mon, Nov 11, 2013 at 08:08:39AM -0800, Quanah Gibson-Mount wrote:
> --On Monday, November 11, 2013 3:03 PM +0400 Oleg
> <lego12239@yandex.ru> wrote:
> 
> >  Hello.
> >
> >Our slapd listens on outer interfaces and I want to create an access rule
> >for rootdn to allow admin access only from 127.0.0.1 IP. So, I try to add
> >"dn: cn=admin,cn=config" record to config database:
> >
> >~# cat admin.ldif
> >dn: cn=admin,cn=config
> >objectClass: person
> >cn: admin
> >sn: admin
> >userPassword: 1
> >
> >~# ldapadd -xWD 'cn=admin,cn=config' -f admin.ldif
> >Enter LDAP Password:
> >adding new entry "cn=admin,cn=config"
> >ldap_add: Object class violation (65)
> >
> >I got no extra info, just this. According to core.schema mandatory fields
> >are only cn and sn. So, I don't understand why I see this error. Can
> >anybody help me?
> 
> You are trying to create a user entry in the cn=config db.  Clearly
> that will not work.

  OK. How can I place restrictions for admin access to cn=config db? According
to the docs I must add a user to a db to do this.