On 28/01/11 16:34 +0100, Pierangelo Masarati wrote:
You can't set the "rootpw" for a "rootdn" outside the naming context of a database. Either set
Ok, I'm finally starting to get a grasp on cn=config. If I understand correctly, there will always be a rootdn for cn=config, regardless if one one specified in the original slapd.conf. If one was not, the rootdn will default to 'cn=config' (or is it cn=admin,dc=config?).
database config rootdn "cn=admin,dc=example,dc=org"
or
database config rootdn "cn=admin,cn=config" rootpw xxx
In the first case, the user "cn=admin,dc=example,dc=org" will need to authenticate otherwise (e.g. from within another database, or using SASL).
Is there a supported way to generate or modify the appropriate authz-regexp config for SASL authentication, assuming that one did not exist within the original slapd.conf?
I've heard mention of a slapmodify command in a future version, so I'm assuming that's going to be the supported solution.