--On Monday, April 03, 2017 7:01 PM +0200 huret deffgok <kadafax(a)gmail.com>
Yes there is a olcRootDN (and its password) for the mdb database. But if
I understand correctly the olcRootDN is valid only for its database.
Anyway this olcRootDN and associated password don't work with the config
database. As for the ACL, again but maybe I'm wrong, from the
documentation it seems that the RootDN is always allowed whatever are the
ACLs. And I can't change them neither as I bump in the same problem as
for the login level :(
How to access cn=config may vary depending on if you're using vendor
provided packages (RH, Debian, etc). As noted in the slapd.conf(5) man
page, the default olcRootDN is "cn=config" unless otherwise specified. If
you are not using your own build of OpenLDAP, I would advise reading the
documentation that came with your specific distribution.
Hope that helps.
Packaged, certified, and supported LDAP solutions powered by OpenLDAP: