12 Feb
2019
12 Feb
'19
8:17 a.m.
On 2/12/19 12:30 PM, Zev Weiss wrote:
Is it "normal" to have both olcRootPW and the rootdn's userPassword stored redundantly like this?
Yes, both are accepted. Remove the one not needed.
Or better remove password for rootdn completely because no access control and no constraints are applied to rootdn.
Thus you should never bind as rootdn, especially not for external access.
Ciao, Michael.