Re: How do I allow root to edit mdb database?

Am Tue, 2 Aug 2016 00:37:58 -0400 schrieb John Lewis oflameo2@gmail.com:

How do I allow root aka dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external to edit olcDatabase={1}mdb,cn=config. I am trying to configure ldapscripts https://packages.debian.org/jessie/ldapscripts, but the idea of having a password in the clear is just disturbing.

There is no password involved, if handled this correctly. The idea is that posix account of root is bound to uid number 0 and group id number 0. While data transport is done over ldapi (IPC) and a SASL EXTERNAL Mechanism is called, ipc function provides permission information to the operation. This permission id is mapped onto rootdn of cn=config. [...]

-Dieter