On 2/12/19 12:30 PM, Zev Weiss wrote:
Is it "normal" to have both olcRootPW and the rootdn's
stored redundantly like this?
Yes, both are accepted. Remove the one not needed.
Or better remove password for rootdn completely because no access
control and no constraints are applied to rootdn.
Thus you should never bind as rootdn, especially not for external access.