On 12/28/12 09:30 +0100, Wiebe Cazemier wrote:
----- Original Message -----
From: "Maarten Vanraes" maarten.vanraes@gmail.com
To: openldap-technical@openldap.org
Cc: "Wiebe Cazemier" wiebe@halfgaar.net
Sent: Tuesday, 25 December, 2012 1:08:46 AM
Subject: Re: Admin user has two passwords
you could just have multiple userPassword values...
That doesn't seem to be it. When I do:
ldapsearch -D "cn=admin,dc=domain,dc=tld" -W -xLLL -H ldap://ldap.domain.tld/ uid userPassword
It shows that admin has only one password:
dn: cn=admin,dc=ytec,dc=nl
userPassword:: [hash]=
But about the root user. How does that relate to an admin user?
There is no admin user per se. There is an authentication identity that you can specify in your configuration with rootdn/olcRootDN, along with its password, rootpw/olcRootPW.
Creating the same DN within your DIT may confuse things, and it is not necessary that it actually exist (unless you do not specify a rootpw).
See:
http://www.openldap.org/doc/admin24/access-control.html#Controlling%20rootdn...
and the slapd.conf/slapd-config man pages.
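
An added example, not part of the original message or of OpenLDAP: a small audit that flags a rootdn which has a rootpw in the configuration and also exists as a DIT entry carrying userPassword, the overlap that leaves one DN with two accepted passwords. The slapd.conf fragment, the LDIF export, the DNs and the function names are constructed for illustration; DN normalisation is simplified and folded LDIF lines are not handled.

```python
import base64, shlex

# Constructed sample input: a slapd.conf fragment and an LDIF export of the DIT.
SLAPD_CONF = '''database mdb
suffix   "dc=example,dc=com"
rootdn   "cn=admin,dc=example,dc=com"
rootpw   {SSHA}PLACEHOLDER-ROOTPW-HASH
'''
LDIF = '''dn: cn=Admin, dc=example,dc=com
objectClass: organizationalRole
userPassword:: UExBQ0VIT0xERVI=

dn: uid=alice,ou=people,dc=example,dc=com
userPassword:: UExBQ0VIT0xERVI=
'''

def norm_dn(dn):
    """Simplified DN normalisation: lower-case, no spaces around RDN separators."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def root_identities(conf_text):
    """Map each database's normalised rootdn to True if a rootpw is set for it."""
    dbs = [{}]
    for line in conf_text.splitlines():
        tokens = shlex.split(line, comments=True)
        if tokens and tokens[0].lower() == "database":
            dbs.append({})                      # directives below belong to this database
        elif len(tokens) > 1 and tokens[0].lower() in ("rootdn", "rootpw"):
            dbs[-1][tokens[0].lower()] = tokens[1]
    return {norm_dn(d["rootdn"]): "rootpw" in d for d in dbs if "rootdn" in d}

def entries_with_password(ldif_text):
    """Return the normalised DNs of LDIF entries that carry a userPassword value."""
    found, dn = set(), None
    for line in ldif_text.splitlines():
        key, _, value = line.partition(":")
        if key.lower() == "dn":
            if value.startswith(":"):           # "dn:: ..." means a base64-encoded DN
                value = base64.b64decode(value[1:]).decode("utf-8")
            dn = norm_dn(value)
        elif key.lower() == "userpassword" and dn:
            found.add(dn)
    return found

def dual_credential_rootdns(conf_text, ldif_text):
    """rootdn values that have a rootpw and also a DIT entry with userPassword."""
    have_pw = entries_with_password(ldif_text)
    return sorted(dn for dn, has_rootpw in root_identities(conf_text).items()
                  if has_rootpw and dn in have_pw)
```

Any DN this returns should keep only one of the two credentials: either drop rootpw and rely on the entry, or remove the entry's userPassword.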