[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5690) cn=config cannot be rootdn

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5690) cn=config cannot be rootdn
From: ando@sys-net.it
Date: Tue, 9 Sep 2008 16:52:21 GMT

Quanah Gibson-Mount wrote:
> --On Tuesday, September 09, 2008 10:10 AM +0000 ando@sys-net.it wrote:
> 
>> quanah@zimbra.com wrote:
>>
>>> In OpenLDAP 2.3, it was possible to set the rootdn of the main database
>>> to be cn=config.  This no longer works in OpenLDAP 2.4, but seems like
>>> it should be valid to me.
>>
>> ...
>>
>>> cn=config is *clearly* under ""
>>
>> No, cn=config is *clearly* under cn=config, which comes earlier than "".
>> But then you don't need to set rootpw.
> 
> Ah, I see.  So this is more just a behavior change between 2.3 and 2.4. 
> Thanks!

Well, I don't think they changed that much.  If you expose cn=config 
then any DN in that namespace will belong to the back-config; if you 
don't expose it, then it will belong to "".  I think you weren't using 
the same slapd.conf with 2.3 and 2.4, if you noticed a different behavior.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------

Prev by Date: Re: (ITS#5690) cn=config cannot be rootdn
Next by Date: Re: (ITS#5690) cn=config cannot be rootdn
Index(es):
- Chronological
- Thread