Yes it is fixed,

But in your fix, only the rootpw password works. If we have the rootdn also= as a dn stored inside the ldap tree then openldap does not tries to bind t= o the dn of the tree if the rootpw is incorrect

if we use the same code segment of bind.cpp written for back-bdb which is:

/* allow noauth binds */ switch ( be_rootdn_bind( op, NULL ) ) { case LDAP_SUCCESS: /* frontend will send result */ return rs->sr_err; default: break; } And the rootpw is not matched, then slapd will continue to search the ldap = tree and if it finds a dn and its userPassword matches, then it authenticat= es. If an appropriate dn / password is not found in the tree, then it throu= ghs the invalid credentials error.

Maybe the bind-dbd way is more correct?