On Mon, Nov 11, 2013 at 08:08:39AM -0800, Quanah Gibson-Mount wrote:
--On Monday, November 11, 2013 3:03 PM +0400 Oleg lego12239@yandex.ru wrote:
Hello.
Our slapd listens on outer interfaces and i want to create an access rule for rootdn to allow admin access only from 127.0.0.1 ip. So, i try to add "dn: cn=admin,cn=config" record to config database:
~# cat admin.ldif dn: cn=admin,cn=config objectClass: person cn: admin sn: admin userPassword: 1
~# ldapadd -xWD 'cn=admin,cn=config' -f admin.ldif Enter LDAP Password: adding new entry "cn=admin,cn=config" ldap_add: Object class violation (65)
I got no extra info, just this. According to core.schema mandatory fields are only cn and sn. So, i don't understand why i see this error. Can anybody help me?
You are trying to create a user entry in the cn=config db. Clearly that will not work.
ok. How can i place restrictions for admin access to cn=config db? According to docs i must add a user to a db to do this.