How does one use an LDAP browser to view and change the cn=config config?
I am using the OpenLDAP 2.4.23 package from Ubuntu 10.10, and have been using both "luma" and more recently ApacheDS. I have tried an enormous number of ways all afternoon, but feel I'm stumbling in the dark. Do I have to use a special bind DN and password, or should the RootDN and password for my normal data do? If it's special, what is it? Where is it configured?
I can view the data using ldapsearch, as root:
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config
I've tried adding an olcRootPW and olcRootDN manually to the cn=config LDIF file (/etc/ldap/slapd.d/cn=config/olcDatabase={0}config.ldif) but when I start slapd up again and do the command-line search it seems to have noticed the password but not the RootDN :-(
The magic way of getting at it (-Y EXTERNAL) given above, which works only for root, doesn't translate well into filling in boxes in an LDAP browser config. (I tried running the LDAP browser as root and binding anonymously - I could see all my data, but still not cn=config.)
The slapd-config man page has lots of info about what to change, but nothing about how to change it.
I've searched the web for hours, and tried to find it in the Admin Guide, but no luck.
Any help would be very much appreciated! :-)
Gerv
On Mon, Mar 07, 2011 at 05:26:51PM +0000, Gervase Markham wrote:
> How does one use an LDAP browser to view and change the cn=config config?
> I am using the OpenLDAP 2.4.23 package from Ubuntu 10.10, and have been using both "luma" and more recently ApacheDS. I have tried an enormous number of ways all afternoon, but feel I'm stumbling in the dark. Do I have to use a special bind DN and password, or should the RootDN and password for my normal data do? If it's special, what is it? Where is it configured?
Most browsers treat the schema DN as a special case. In Apache Directory Studio, right-click on the LDAP connection and select 'open schema browser'. jXplorer has the schema in a separate panel/tab.
> I can view the data using ldapsearch, as root:
> ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config
You should normally be able to view schema when bound anonymously.
For permission to change it through LDAP, maybe you should be looking at ACLs rather than rootDN?
Andrew
openldap-technical@openldap.org
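Added example, not part of either message: one way to give cn=config a bind DN and password that an LDAP browser can use, by sending a change record over the same ldapi:/// EXTERNAL bind as the ldapsearch above instead of editing the files under /etc/ldap/slapd.d by hand. The DN cn=admin,cn=config and the function names are assumptions chosen for illustration; the script accepts only {SSHA} hashes as produced by slappasswd.

```shell
#!/bin/sh
# Added example (not from the thread). Builds an LDIF change record that sets
# olcRootDN / olcRootPW on the config database and refuses unsafe input.

CONFIG_DB='olcDatabase={0}config,cn=config'

# config_rootdn_ldif ROOTDN HASH -> LDIF on stdout; returns 1 on bad input.
config_rootdn_ldif() {
    rootdn=$1 hash=$2
    # slapd only honours a rootpw when the rootdn lies within the database
    # suffix, which for this database is cn=config (simple suffix check).
    case $rootdn in
        cn=config|*,cn=config) ;;
        *) echo "rootDN must be cn=config or end in ,cn=config" >&2; return 1 ;;
    esac
    # Never store a cleartext password in the config tree.
    case $hash in
        '{SSHA}'?*) ;;
        *) echo "olcRootPW must be a {SSHA} hash from slappasswd" >&2; return 1 ;;
    esac
    cat <<EOF
dn: $CONFIG_DB
changetype: modify
replace: olcRootDN
olcRootDN: $rootdn
-
replace: olcRootPW
olcRootPW: $hash
EOF
}

# Apply as root over the local socket; nothing is sent if validation fails.
apply_config_rootdn() {
    ldif=$(config_rootdn_ldif "$1" "$2") || return 1
    printf '%s\n' "$ldif" | ldapmodify -Y EXTERNAL -H ldapi:///
}

# Usage (hypothetical DN; slappasswd prompts for the password):
#   apply_config_rootdn 'cn=admin,cn=config' "$(slappasswd)"
```

With that in place, a browser connection would bind as the chosen DN with its password and use cn=config as the base DN. This account can rewrite the whole server configuration, so its password deserves the same protection as root on the host.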