16 Sep
2009
16 Sep
'09
4:44 a.m.
Pierangelo Masarati writes:
Peter Mogensen wrote:
PS: As you can probably see, all access goes through SASL EXTERNAL. UNIX root maps to cn=config via ldapi:///,
...plus authz-regexp, I assume
remote access uses x509 certificates.
Add an ACL (either global, if there aren't any in that database, or local) that allows the identity you trust to write to that database.
Or (temporarily?) change rootdn for the HDB database to cn=config, so root won't need a password for that rootdn over ldapi://. Or use authz-regexp to map your SASL/EXTERNAL identity to the database's rootdn instead of to cn=config.
--
Hallvard