[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Monitor Backend

To: <dieter@dkluenter.de>
Subject: Re: Monitor Backend
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Tue, 7 Jan 2003 08:51:18 +0100 (CET)
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <m3wuli3za4.fsf@marin.l4b.de>
References: <m3wuli3za4.fsf@marin.l4b.de>

> Hi,
> I'm using OpenLDAP-2.1.3 and i have added a "database monitor"
> directive to my slapd.conf, which works fine. But when adding a rootdn
> and rootpw directive, slapd complains with "rootpw can only
> be set when rootdn is under suffix", but the README says:
> -.-.-.-.-.-.-.--.-.-.-.-.-.-.-.-.-.-.-.-
>  the backend supports the rootdn/rootpw
> directives (only simple bind at present).
> -.--.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
> and
> -.-.-.-.-.-.--.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
> The suffix "cn=Monitor" is implicitly activated (it cannot be given  as
> a suffix of the database as usually done for conventional
> backends).
> -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
>
> How can i bind to the backend, as i dont't want world read access.

Dunno about 2.1.3, didn't go that far; with 2.1.10/HEAD
it works fine:

<slap.conf>
database monitor
rootdn  "cn=administrator,cn=monitor"
rootpw  secret
</slap.conf>

BTW, note that you don't need to use the rootdn to protect
your monitor backend; sinte it supports regular ACL, you can
add "access" directives that refer to entries in other
databases (assuming your configuration includes other databases).

P.M.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it

Follow-Ups:
- Re: Monitor Backend
  - From: Peter Marschall <peter.marschall@mayn.de>

References:
- Monitor Backend
  - From: Dieter Kluenter <dieter@dkluenter.de>

Prev by Date: Re: entry has multiple objectClass attributes
Next by Date: Re: entry has multiple objectClass attributes
Index(es):
- Chronological
- Thread