[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: rootpw ignored if userPassword exists

To: openldap-software@openldap.org
Subject: Re: rootpw ignored if userPassword exists
From: Michael Ströder <michael@stroeder.com>
Date: Wed, 20 Jun 2007 19:10:02 +0200
In-reply-to: <20070615140000.GE10308@mandriva.com.br>
References: <20070615140000.GE10308@mandriva.com.br>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.4) Gecko/20070509 SeaMonkey/1.1.2

Andreas Hasenack wrote:
> 
> I find this a bit unexpected. Suppose someone manages to create an entry
> matching rootdn. Then this person would be able to become rootdn,
> bypassing the rootpw setting in slapd.conf.

If you're scared about the power of rootdn switch it off.

Ciao, Michael.

References:
- rootpw ignored if userPassword exists
  - From: Andreas Hasenack <ahasenack@terra.com.br>

Prev by Date: Re: Recovery after system shutdown
Next by Date: Re: Recovery after system shutdown
Index(es):
- Chronological
- Thread