--On Tuesday, June 7, 2022 4:53 PM +0000 RAIMBAULT Alain - Contractor alain.raimbault@external.thalesgroup.com wrote:
Hi,
First thanks for replying and sorry for not providing enough material to help answering .
Maybe if I provide cn=config ldif files you could help providing directions ....
You should be using the LDAP tools to export the config files, and never touching anything directly in the configuration database.
For example, slapcat -n 0 -l config.ldif will export the configuration DB into LDIF format for easy consumption. You would want to ensure any password values are removed before sharing it with anyone.
In the LDIF tar file you shared, it shows that to modify cn=config, one must do a simple bind as the cn=config user, using whatever password was configured. You will need to talk to whomever manages the installation to discover that password. I'd also advise them to change it, since you publicly shared the SHA-1 hash with the world. I'd also advise them to use a more secure hashing function (At least SSHA512, or even better upgrade to a currently supported release of OpenLDAP and use ARGON2).
I.e:
ldapmodify -x -D cn=config -H ... -W
Regards, Quanah