using cn=config to retrieve DIT records

Hello,

I have a multi-tenant [multiple DITs] LDAP directory setup. One of things that I need to be able to do, is to retrieve records from individual domain [DIT] -level databases using "superuser" credentials.

I am able to do what I need using Unix sockets, as in: $sudo ldapsearch -Y EXTERNAL -H ldapi:/// -b dc=example,dc=com

I want to use network credentials and network library to retrieve my information. I am currently able to do this using DIT -level credentials.

If I set salt the config password, is there something that would fundamentally prevent the below from working? $ldapsearch -D cn=config -h IPADRRESS -W -b dc=example,dc=com

Suggestions?

Sincerely,

Igor Shmukler