[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: setting up admin password on openldap
Thank you so very much... That was it..... there was this another database defined at the end, which just said suffix="" (I am not sure what it meant, however, using slap cat I gave -b "" and then added it via slapadd again giving -b="" and it worked. after hashing the rootpw defined in the first database.
On 11/2/07, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:
On Thursday 01 November 2007 18:59:56 Naufal Sheikh wrote:
> Hello,
>
> Well Finally I have got something. I have one last question though,
> regarding the concept, Below is the excerpt from my new
slapd.conf:
>
> backend bdb
>
> database monitor
>
> database bdb
> suffix "o=trac"
> rootdn "cn=nsadmin,o=trac"
>
>
> rootpw plain-text password.
>
> When I write cn=nsadmin,o=trac in userDN box in ldap brwoser and give the
> password given in the plain text in slapd.conf it connects to the ldap
> server using the credentials.
>
> While in my old slapd.conf file which I was using as a reference the rootpw
> line is hashed and in rootdn it is only :cn-nsadmin" as follows:
>
> backend bdb
>
> database monitor
>
> database bdb
> suffix "o=trac"
> rootdn "cn=nsadmin"
>
>
> #rootpw secret.
>
> Rest both the configuration files are same. But on the old server I can
> still connect the ldap server through ldap browser using UserDn cn=nsadmin
> and the password. My question is how is that happening?
The DN exists in the directory (under a different suffix/database?), and the
password is set on the DN, in which case (since rootpw is commented out), the
DN is authenticated against the in-directory password.
> I have not really
> grasped this idea.
>
> Also nsadmin exists as a user
entry in LDAP.
> and I can see that it has a hashed password
> on my original server,
In the directory
> while on my new server since (probably i did not
> used hashed password in
slapd.conf) it appears as the plain text.
But you can use an encrypted password, see the slappasswd command.
> If any
> one can please point me to the right section of the guide to understand or
> tell me in simple words!
>
> Thank you all for your help despite of vague questions and replies.
Regards,
Buchan