Re: (ITS#4965) slapd stops if access to cn=monitor is restricted - openldap-bugs

4 Jun 2007


      Hi Pierangelo;
As you requested, you find below my simplified slapd.conf.
If I comment the line "access to dn.sub="cn=monitor" by * read",  then slapd
cannot start.
Best regards
Ali
====================================================
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/ppolicy.schema
pidfile         /usr/local/var/run/slapd.pid
argsfile        /usr/local/var/run/slapd.args
access to attrs=userPassword
    by anonymous auth
    by * none
access to dn.sub="cn=monitor" by * read
access to *
    by * none
database monitor
database        bdb
serverID        1
suffix          "c=fr"
rootdn          cn=admin,ou=internal,o=gouv,c=fr
rootpw          {SSHA}1QuNDW3pqQDP93tMcyXo6ClZBJ2VP5XG
directory       /produits/bdb/data
checkpoint      1000000 10
index   objectClass,entryCSN,entryUUID                  eq
index   uid,cn                                          eq,sub,pres
overlay syncprov
syncprov-checkpoint 1000 10
syncprov-sessionlog 1000
syncprov-reloadhint TRUE
overlay ppolicy
ppolicy_hash_cleartext