[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
rootpw ignored if userPassword exists
I was just wondering if this is expected behaviour.
If rootdn happens to match an existing entry in the directory, and that
entry has a userPassword attribute, the rootpw value in slapd.conf is
ignored and userPassword is used instead.
I find this a bit unexpected. Suppose someone manages to create an entry
matching rootdn. Then this person would be able to become rootdn,
bypassing the rootpw setting in slapd.conf.