Re: How do I allow root to edit mdb database?

[Ryan Tandy <ryan@nardis.ca>]

On Tue, Aug 02, 2016 at 12:37:58AM -0400, John Lewis wrote:
> How do I allow root aka
> dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external to edit
> olcDatabase={1}mdb,cn=config.

Besides olcAuthRegex mentioned by other posters, setting up an explicit 
access control entry for that DN is another option.

If you installed slapd from the Debian archive, the default access rules 
for the config database include:

# Config db settings
dn: olcDatabase=config,cn=config
objectClass: olcDatabaseConfig
olcDatabase: config
# Allow unlimited access to local connection from the local root user
olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break

You could grant root-like access to the root user by copying that access 
line to your mdb database.