
Re: Admin user has two passwords



On 12/28/12 09:30 +0100, Wiebe Cazemier wrote:
----- Original Message -----
From: "Maarten Vanraes" <maarten.vanraes@gmail.com>
To: openldap-technical@openldap.org
Cc: "Wiebe Cazemier" <wiebe@halfgaar.net>
Sent: Tuesday, 25 December, 2012 1:08:46 AM
Subject: Re: Admin user has two passwords

you could just have multiple userPassword values...

That doesn't seem to be it. When I do:


ldapsearch -D "cn=admin,dc=domain,dc=tld" -W -xLLL -H ldap://ldap.domain.tld/  uid userPassword


It shows that admin has only one password:


dn: cn=admin,dc=ytec,dc=nl
userPassword:: [hash]=


But about the root user. How does that relate to an admin user?

There is no admin user per se. There is an authentication identity that
you can specify in your configuration with rootdn/olcRootDN, along with
its password, rootpw/olcRootPW.

Creating the same DN within your DIT may confuse things, and it is not
necessary that it actually exist (unless you do not specify a rootpw).

See:

http://www.openldap.org/doc/admin24/access-control.html#Controlling%20rootdn%20access

and the slapd.conf/slapd-config man pages.

--
Dan White
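
Added example (not part of Dan White's message and not OpenLDAP project code): an offline audit that flags databases whose olcRootDN has an olcRootPW and also exists in the DIT with its own userPassword, the situation this thread's subject describes. It assumes LDIF exports of cn=config and of the directory data (for example from slapcat); the sample DNs, hashes and function names are constructed for illustration.

```python
import re
# Constructed sample: excerpt of a cn=config export (e.g. slapcat -n 0).
CONFIG_LDIF = """\
dn: olcDatabase={1}mdb,cn=config
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: {SSHA}CONSTRUCTED-PLACEHOLDER

dn: olcDatabase={2}mdb,cn=config
olcRootDN: cn=Manager,dc=example,dc=org
olcRootPW: {SSHA}CONSTRUCTED-PLACEHOLDER
"""
# Constructed sample: excerpt of the directory data (DIT) export.
DIT_LDIF = """\
dn: CN=Admin, DC=example, DC=com
userPassword:: Q09OU1RSVUNURUQ=

dn: uid=alice,ou=people,dc=example,dc=com
userPassword:: Q09OU1RSVUNURUQ=
"""

def parse_ldif(text):
    """Return one {lowercased_attr: [values]} dict per LDIF record."""
    text = re.sub(r"\n ", "", text)  # unfold continuation lines
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        rec = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            # "::" (base64) and ":<" (URL) markers are dropped, values not decoded
            rec.setdefault(attr.strip().lower(), []).append(value.lstrip(":< ").strip())
        if rec:
            records.append(rec)
    return records

def norm_dn(dn):
    """Loose DN normalisation: lowercase, trim spaces around RDN separators.
    Escaped commas inside RDN values are not handled (simplification)."""
    return ",".join(part.strip() for part in dn.lower().split(","))

def dual_credential_rootdns(config_ldif, dit_ldif):
    """(database DN, rootdn) pairs with olcRootPW set AND a DIT entry holding userPassword."""
    with_pw = {norm_dn(r["dn"][0]) for r in parse_ldif(dit_ldif)
               if "dn" in r and "userpassword" in r}
    return [(db["dn"][0], rdn) for db in parse_ldif(config_ldif) if "olcrootpw" in db
            for rdn in db.get("olcrootdn", []) if norm_dn(rdn) in with_pw]

if __name__ == "__main__":
    for db, rdn in dual_credential_rootdns(CONFIG_LDIF, DIT_LDIF):
        print(f"{db}: {rdn} has olcRootPW and a DIT entry with userPassword")
```

A hit means the identity carries one credential in the configuration and another in the directory data, so rotating only one of them leaves the other in place.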