--On Monday, April 03, 2017 7:01 PM +0200 huret deffgok kadafax@gmail.com wrote:
Hi Sami,
Yes there is a olcRootDN (and its password) for the mdb database. But if I understand correctly the olcRootDN is valid only for its database. Anyway this olcRootDN and associated password don't work with the config database. As for the ACL, again but maybe I'm wrong, from the documentation it seems that the RootDN is always allowed whatever are the ACLs. And I can't change them neither as I bump in the same problem as for the login level :(
How to access cn=config may vary depending on if you're using vendor provided packages (RH, Debian, etc). As noted in the slapd.conf(5) man page, the default olcRootDN is "cn=config" unless otherwise specified. If you are not using your own build of OpenLDAP, I would advise reading the documentation that came with your specific distribution.
Hope that helps.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org