Am Tue, 28 Sep 2010 08:58:00 +0200 schrieb "Angel L. Mateo" amateo@um.es:
El 27/09/10 15:17, Buchan Milne escribió:
On Monday, 27 September 2010 11:56:47 Angel L. Mateo wrote:
Hello,
I'm migrating from an old openldap 2.3.30 to a 2.4.21 running in an ubuntu server, so I'm new with cn=config database.
The problem I have is that I want to create a user under cn=config, so I could configure the server without providing the password for cn=config (I want to restrict the IPs from that user could be used).
[...]
Could anybody help me?
Add access controls to the database, allowing your existing user accounts write access to cn=config.
I have write access to cn=config. In fact, I'm using the rootdn
The config database is for configuration, not for data (e.g. users).
I know it. I just want to create a user for configuration and automation (of configuration) purposes. I'm trying to configure slapd from a configuration system like puppet, so I need a user for ldap operations (instead of this I could configure slapd managing files directly, but I prefer ldap commands). Because of I want to make configuration previous to the creation of databases, I would like that user to be directly in cn=config database.
ldapmodify dn: olcdatabase={0}cn=config,cn=config changetype: modify add: olcRootDN olcRootDN: cn=config - add: olcRootPW olcRootPW: secret -
-Dieter