$OpenLDAP: slapd 2.5.11
Hi, i've a weird case where olcLastBind defaults to TRUE. When using convert (slaptest) method. and explicit lastbind to off/false has no effect.
#Initialize slapd with convert method slaptest -f /etc/openldap/slapd.conf.init -F /etc/openldap/slapd.d/ slapcat -n0 | grep LastBind
olcAttributeTypes: ( OLcfgDbAt:0.22 NAME 'olcLastBind' EQUALITY booleanMatch S olcLastMod $ olcLastBind $ olcLimits $ olcMaxDerefDepth $ olcPlugin $ olcRea olcLastBind: TRUE olcLastBind: TRUE olcLastBind: TRUE olcLastBind: TRUE
Tested with minimal config: # stand-alone slapd config include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include /etc/openldap/schema/openldap.schema include /etc/openldap/schema/nis.schema #include /etc/openldap/schema/test.schema
# allow big PDUs from anonymous (for testing purposes) sockbuf_max_incoming 4194303
moduleload back_ldap
####################################################################### # database definitions ####################################################################### database config
database mdb suffix "dc=example,dc=com" rootdn "cn=Manager,dc=example,dc=com" rootpw secret directory /var/lib/ldap lastbind off
database monitor
Best regards,