1 Feb
2017
1 Feb
'17
12:09 a.m.
Quanah Gibson-Mount wrote:
I would note that the rootdn is never subject to ACLs (as documented in the slapd.access(5) man page).
To add: - This applies for the same backend for which the rootdn is defined. - The rootdn in one backend does not have any special rights in other backends.
So there is no point in listing it in ACLs.
In my setups I usually use the "rootdn" of the main backend in ACLs for other backends (e.g. cn=config, cn=monitor, cn=accesslog).
Ciao, Michael.