[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP Administration
- To: openldap-technical@openldap.org
- Subject: Re: LDAP Administration
- From: Guillaume Rousse <guillomovitch@gmail.com>
- Date: Thu, 06 Sep 2012 14:17:00 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=frKHM3o7rze4MfP+Dyeg8B82VsCVP83ss5wQcHdl01E=; b=rntVLqleONcdHz9Xx1ncDkbBUeTqpaQtzEtUOudA6lHUoLF07j/FDLm7DfA2nV5npd gMTQfmBJVG8rHZJQdgcmop2YMPDb+2EGNUgUjMI1BhA1XrhpfajTcfYUm4QbJGt0pXb4 Biluj/Dr+LJea7hxQhHoNDW6t7RPGARoqFvn5FJvRecGo4xbpUExK4ONul3geVqZrktR DN9E9fKZJUtCStEbssrsXQDpHJrlhbE1Tp5xD9BW+1sOVrdnHkKIVi376gL7FNnMv207 X2c+U+5JIok9FSbhxpGZqSNano2gDeJ+9re0D8zkRBvjnSXzdaSojnqWS4MZ+AYGsyOq 5fMg==
- In-reply-to: <CAOk3A-0A+iUkOP7gVJ8KA2Z460Fpx=Vs7G7MRkL3taRjLDM4Tw@mail.gmail.com>
- References: <CAOk3A-0A+iUkOP7gVJ8KA2Z460Fpx=Vs7G7MRkL3taRjLDM4Tw@mail.gmail.com>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120829 Thunderbird/15.0
Le 06/09/2012 13:58, Brian Green a écrit :
Hello,
I have recently taken over a bunch of systems controlled by an LDAP
database - however, the previous admin. didn't add me to the needed
group so that I can fully administer the LDAP directory.
Is there a way I can force LDAP to add me to this group? I have root
access to the Linux server where the OpenLDAP system is hosted, if that
helps. I've tried changing the .acl documents - that didn't seem to
work to allow me to add myself to that group. This is a production
system, so taking it down for a long period of time, or messing it up,
would be bad.
Quick recovery procedure:
- edit slapd.conf to add a rootdn and a rootpw of your choice
- restart slapd
- commit your changes using rootdn
- revert slapd.conf to original version
- restart slapd
You can even keep something like this permanently in your configuration
file to make it clear:
# only use rootdn in case of emergency
rootdn cn=root,dc=suffix,dc=tld
#rootpw root
--
BOFH excuse #14:
sounds like a Windows problem, try calling Microsoft support