I'll answer my own question!
On 2/8/07, m h sesquile@gmail.com wrote:
So, now back to my original issue. Updating the rootdn password. When I try the following it fails::

  ldappasswd -x -v -S -w secret -D cn=Manager,dc=example,dc=com cn=Manager,dc=example,dc=com
  New password:
  Re-enter new password:
  ldap_initialize( <DEFAULT> )
  Result: Insufficient access (50)

You silly person! You haven't set any ACLs! If you had read here [1] you would see how to create a group and set ACLs in the slapd.conf file.
Here I'll give you an example, add the following to your ldif::

  #add groups for acl
  # create FIRST Level groups branch
  dn: ou=groups,dc=example,dc=com
  objectclass: organizationalunit
  ou: groups
  description: generic groups branch

  # create the admin entry under groups
  dn: cn=admin,ou=groups,dc=example,dc=com
  objectclass: groupofnames
  cn: admin
  description: Admin group
  member: cn=Manager,dc=example,dc=com

Notice how we made our rootdn user (cn=Manager,dc=example,dc=com) a member of the admin group.
Now in slapd.conf add the following::

  ##let admin user change everything
  # ACL1 see http://www.zytrax.com/books/ldap/ch5/step2.html
  access to attr=userpassword
      by self write
      by anonymous auth
      by group.exact="cn=admin,ou=groups,dc=example,dc=com" write
      by * none

good luck!
-matt
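
How slapd applies the `by` clauses of the userpassword ACL above, as an added example that is not part of the original post: a simplified Python model of first-match evaluation showing who ends up able to change whose password. The uid=alice and uid=bob DNs are constructed, and DN normalisation is reduced to lower-casing and trimming spaces.

```python
# Simplified model of slapd's first-match evaluation of the "by" clauses
# in the userpassword ACL from the post. Constructed for illustration only.
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

ADMIN_GROUP = "cn=admin,ou=groups,dc=example,dc=com"
# Group membership as loaded by the LDIF in the post (stored normalised).
GROUPS = {ADMIN_GROUP: {"cn=manager,dc=example,dc=com"}}

# (who, level) pairs in the order they appear in slapd.conf.
ACL_USERPASSWORD = [
    ("self", "write"),
    ("anonymous", "auth"),
    ("group.exact=" + ADMIN_GROUP, "write"),
    ("*", "none"),
]

def norm(dn):
    """Crude DN normalisation (case and spaces); real slapd does more."""
    return ",".join(p.strip().lower() for p in dn.split(",")) if dn else None

def who_matches(who, bound_dn, target_dn):
    if who == "*":
        return True
    if who == "anonymous":
        return bound_dn is None            # no bind, or an empty bind DN
    if who == "self":
        return bound_dn is not None and bound_dn == target_dn
    if who.startswith("group.exact="):
        return bound_dn in GROUPS.get(who.split("=", 1)[1], set())
    return False

def granted_level(bound_dn, target_dn, acl=ACL_USERPASSWORD):
    """Return the access level of the first "by" clause that matches."""
    bound_dn, target_dn = norm(bound_dn), norm(target_dn)
    for who, level in acl:
        if who_matches(who, bound_dn, target_dn):
            return level                   # evaluation stops at first match
    return "none"                          # implicit trailing "by * none"

def allowed(bound_dn, target_dn, wanted):
    """True if the granted level is at least the wanted level."""
    return LEVELS.index(granted_level(bound_dn, target_dn)) >= LEVELS.index(wanted)

if __name__ == "__main__":
    alice = "uid=alice,ou=people,dc=example,dc=com"   # constructed DN
    bob = "uid=bob,ou=people,dc=example,dc=com"       # constructed DN
    for who in (None, alice, bob, "cn=Manager,dc=example,dc=com"):
        print(who, "->", granted_level(who, alice), "on alice's userpassword")
```

Because the first matching clause wins, an authenticated user outside the admin group falls through to `by * none` for every entry except their own, and an anonymous client gets `auth` only, which is enough to bind but not to read the stored hash.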