On 12/28/12 09:30 +0100, Wiebe Cazemier wrote:
> ----- Original Message -----
>> From: "Maarten Vanraes" <maarten.vanraes(a)gmail.com>
>> To: openldap-technical(a)openldap.org
>> Cc: "Wiebe Cazemier" <wiebe(a)halfgaar.net>
>> Sent: Tuesday, 25 December, 2012 1:08:46 AM
>> Subject: Re: Admin user has two passwords
>>
>> you could just have multiple userPassword values...
>
> That doesn't seem to be it. When I do:
>
> ldapsearch -D "cn=admin,dc=domain,dc=tld" -W -xLLL -H ldap://ldap.domain.tld/ uid userPassword
>
> It shows that admin has only one password:
>
> dn: cn=admin,dc=ytec,dc=nl
> userPassword:: [hash]=
>
> But about the root user. How does that relate to an admin user?

There is no admin user per se. There is an authentication identity that
you can specify in your configuration with rootdn/olcRootDN, along with
its password, rootpw/olcRootPW.
Creating the same DN within your DIT may confuse things, and it is not
necessary that it actually exist (unless you do not specify a rootpw).
See:
http://www.openldap.org/doc/admin24/access-control.html#Controlling%20roo...
and the slapd.conf/slapd-config man pages.
--
Dan White
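
An added example, not part of the original thread: a small audit that reads slapcat-style LDIF and reports, for each configured olcRootDN, whether a password for that DN is stored in olcRootPW, in a userPassword attribute on an entry with the same DN in the DIT, or in both (the overlap the reply warns about). The sample LDIF, the example.com names and the status labels are constructed for illustration.

```python
import re

# Constructed sample data (not from the thread): cn=config entries and DIT entries.
CONFIG_LDIF = """\
dn: olcDatabase={1}hdb,cn=config
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: {SSHA}constructed-rootpw-hash

dn: olcDatabase={2}hdb,cn=config
olcRootDN: cn=manager,dc=other,dc=example
"""
DIT_LDIF = """\
dn: cn=admin,dc=example,dc=com
userPassword: {SSHA}constructed-entry-hash

dn: uid=alice,ou=people,dc=example,dc=com
userPassword: {SSHA}constructed-user-hash
"""

def parse_ldif(text):
    """Parse LDIF into [{attr_lowercase: [values]}]; base64 values stay encoded."""
    text = re.sub(r"\n ", "", text)              # unfold continuation lines
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            entry.setdefault(attr.lower(), []).append(value.lstrip(":").strip())
        entries.append(entry)
    return entries

def norm_dn(dn):
    """Simplified DN comparison: case-fold, trim around commas (no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def audit_rootdn(config_ldif, dit_ldif):
    """Report, per configured rootdn, where a bind password for it is stored."""
    dit = {norm_dn(e["dn"][0]): e for e in parse_ldif(dit_ldif) if "dn" in e}
    findings = []
    for db in parse_ldif(config_ldif):
        for rootdn in db.get("olcrootdn", []):
            in_config = "olcrootpw" in db
            in_dit = "userpassword" in dit.get(norm_dn(rootdn), {})
            status = {(True, True): "rootpw-and-entry", (True, False): "rootpw-only",
                      (False, True): "entry-only", (False, False): "no-password"}
            findings.append((norm_dn(rootdn), status[(in_config, in_dit)]))
    return findings
```

A "rootpw-and-entry" result is the case to clean up, by keeping the credential in only one of the two places.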