OK, my mistake, here follows a completely detailed description.

* I have a slapd.conf as follows -----------------begin slapd.conf include schema/core.schema include schema/cosine.schema include schema/inetorgperson.schema pidfile slapd.pid argsfile slapd.args access to * attrs=userPassword by self write by anonymous auth by * none access to dn=cn=manager,c=fr by self write by * none access to * by self write by users read by anonymous read by * none database bdb suffix "c=fr" rootdn "cn=manager,c=fr" cachesize 20000 checkpoint 10000 10 directory db index objectClass,entryCSN,entryUUID eq index cn,sn eq,sub -----------------end slapd.conf * I convert this slapd.conf to a configdb: slapd -f slapd.conf -F configdb * I stop slapd. * I create the initial database with the following LDIF file: -----------------begin initial database dn: c=fr objectClass: country c: fr

dn: cn=manager,c=fr objectClass: person cn: manager sn: manager userPassword:: c2VjcmV0

dn: cn=user,c=fr objectClass: person cn: user sn: user userPassword:: dXNlcg==

dn: cn=user2,c=fr objectClass: person cn: user2 sn: user2 userPassword:: dXNlcjI= -----------------end initial database slapadd -f configdb -l initialdatabase.ldif * I edit olcDatabase={0}config.ldif file to replace olcRootDN: cn=config by olcRootDN: cn=manager,c=fr * I start slapd slapd -d 256 -F configdb * I try to bind : ldapsearch.exe -x -D cn=manager,c=fr -w secret -s base -b "" objectclass=* + It works fine. * I perform the ldap modifications with this LDIF file: -----------------begin LDAP modifications dn: olcDatabase={-1}frontend,cn=config changetype: modify replace: olcAccess olcAccess: {0}to attrs=userPassword by self write by anonymous auth by * no ne olcAccess: {1}to dn=cn=manager,c=fr by self write by * none olcAccess: {2}to * by self write by users read by anonymous read by * none

dn: olcDatabase={0}config,cn=config changetype: modify replace: olcAccess olcAccess: {0}to * by * none -----------------end LDAP modifications ldapmodify -x -D cn=manager,c=fr -w secret -f LDAPmodifications.ldif * I try to bind : ldapsearch.exe -x -D cn=manager,c=fr -w secret -s base -b "" objectclass=* + I get: ldap_bind: Invalid credentials (49) * I stop slapd I get: filter_free: unknown filter type=19008 filter_free: unknown filter type=13304 slapd stopped. filter_free: unknown filter type=13744 filter_free: unknown filter type=1264 filter_free: unknown filter type=13744 filter_free: unknown filter type=1264 and slapd crashes. * I restart slapd * I try to bind : ldapsearch.exe -x -D cn=manager,c=fr -w secret -s base -b "" objectclass=* + It works fine.