[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Adding entries to cn=config
Am Tue, 28 Sep 2010 08:58:00 +0200
schrieb "Angel L. Mateo" <amateo@um.es>:
> El 27/09/10 15:17, Buchan Milne escribió:
> > On Monday, 27 September 2010 11:56:47 Angel L. Mateo wrote:
> >> Hello,
> >>
> >> I'm migrating from an old openldap 2.3.30 to a 2.4.21
> >> running in an ubuntu server, so I'm new with cn=config database.
> >>
> >> The problem I have is that I want to create a user under
> >> cn=config, so I could configure the server without providing the
> >> password for cn=config (I want to restrict the IPs from that user
> >> could be used).
> >
> > [...]
> >
> >> Could anybody help me?
> >
> > Add access controls to the database, allowing your existing user
> > accounts write access to cn=config.
> >
> I have write access to cn=config. In fact, I'm using the
> rootdn
>
> > The config database is for configuration, not for data (e.g. users).
> >
> I know it. I just want to create a user for configuration and
> automation (of configuration) purposes. I'm trying to configure slapd
> from a configuration system like puppet, so I need a user for ldap
> operations (instead of this I could configure slapd managing files
> directly, but I prefer ldap commands). Because of I want to make
> configuration previous to the creation of databases, I would like
> that user to be directly in cn=config database.
>
ldapmodify
dn: olcdatabase={0}cn=config,cn=config
changetype: modify
add: olcRootDN
olcRootDN: cn=config
-
add: olcRootPW
olcRootPW: secret
-
-Dieter
--
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6