Abdelhamid Meddeb wrote:
Be careful with this kind of change and keep in mind that after
olcRooPW you don't have a true rootdn at all.
A true rootdn don't need any explicitly right access by the ACLs, but the
pseudo (new) rootdn need it, and if no rule grant him the access the operation
There is no such thing as a pseudo rootdn.
1. Either you have rootdn directive set or not.
Note: It is needed for some overlays.
2. Either you have rootpw directive set or not.
I always use slapd -h "ldapi://.." omit rootpw and have the following
Then user root can always locally authenticate without a password like this:
ldawhoami -H ldapi:// -Y EXTERNAL