Hi all,
I'm trying to add/remove schemas dynamically using the cn=config database (using slapd 2.4.23-7.2 on debian stable).
I'm connected to slapd with the SASL/External method as root and I'm able to search but delete breaks:
# ldapdelete -Y EXTERNAL -H ldapi:/// "cn={2}nis,cn=schema,cn=config" SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 ldap_delete: Server is unwilling to perform (53)
The ACL seems correct to me:
# ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" "olcDatabase={0}config" olcAccess SASL/EXTERNAL authentication started SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth SASL SSF: 0 dn: olcDatabase={0}config,cn=config olcAccess: {0}to * by dn.exact=gidNumber=0 +uidNumber=0,cn=peercred,cn=external ,cn=auth manage by * break
So is it possible to remove a schema like this ? I should miss something...
Thank you