Re: OpenLDAP21 starts with no password but not with a password

[Cécile Leyman <cecile.leyman@gfi.be>]

Your rootdn must have the same suffix than your suffix...

suffix          "dc=hinwick,dc=demon,dc=co,dc=uk"
rootdn          "cn=root,dc=hinwick,dc=demon,dc=co,dc=uk"
rootpw          *****

Regards,

Cécile.


Quoting Mark Worsdall <ldap@worsdall.demon.co.uk>:

> Hi All,
> 
> If I leave slapd.conf not having a rootpw set, then slapd starts up fine 
> but then I cannot add anything, since it asks for a password.
> 
> If I put a password in plaintext or encrypted, it immediately exits.
> 
> Turning on the -d-1 option gives this reason:-
> 
> 
> line 64 (rootpw ***)
> /usr/local/etc/openldap/slapd.conf: line 64: rootpw can only be set when 
> rootdn is under suffix
> 
> 
> Any ideas?
> 
> slapd.conf settings:-
> 
> 
> include         /usr/local/etc/openldap/schema/core.schema
> pidfile         /var/run/slapd.pid
> argsfile        /var/run/slapd.args
> access to * by * read
> 
> database        bdb
> suffix          "dc=hinwick,dc=demon,dc=co,dc=uk,o=Hinwick Hall,c=GB"
> rootdn          "cn=root, dc=hinwick,dc=demon,dc=co,dc=uk"
> #rootpw          SECRET
> 
> directory       /var/db/openldap-data
> index   objectClass     eq
> 
> 
> Thats all that is in slapd.conf.
> 
> 
> So I hash'ed the rootpw out and slapd started but was unable to use:-
> 
> ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f eg.ldif
> 
> to test becasue it asked for a password and whatever I ended was 
> wrong/invalid.
> 
> 
> M.
> -- 
> Mark Worsdall
> 




-------------------------------------------------
Mail sent through GFI Mailserver1.0
info: ava@gfi.be