[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP browsers and cn=config
On Mon, Mar 07, 2011 at 05:26:51PM +0000, Gervase Markham wrote:
> How does one use an LDAP browser to view and change the cn=config config?
>
> I am using the OpenLDAP 2.4.23 package from Ubuntu 10.10, and have
> been using both "luma" and more recently ApacheDS. I have tried an
> enormous number of ways all afternoon, but feel I'm stumbling in the
> dark. Do I have to use a special bind DN and password, or should the
> RootDN and password for my normal data do? If it's special, what is
> it? Where is it configured?
Most browsers treat the schema DN as a special case. In Apache
Directory Studio, right-click on the LDAP connection and select 'open
schema browser'. jXplorer has the schema in a separate panel/tab.
> I can view the data using ldapsearch, as root:
>
> ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config
You should normally be able to view schema when bound anonymously.
For permission to change it through LDAP, maybe you should be looking
at ACLs rather than rootDN?
Andrew
--
-----------------------------------------------------------------------
| From Andrew Findlay, Skills 1st Ltd |
| Consultant in large-scale systems, networks, and directory services |
| http://www.skills-1st.co.uk/ +44 1628 782565 |
-----------------------------------------------------------------------