It's been 3 days since I first started reading and playing with OpenLDAP. Prior to this, I have had no LDAP experience of any kind, so please bear with me. (Hopefully this doesn't reach a new low... )
I am working on setting up my first LDAP server for a demo environment, and I can't seem to wrap my head around what a rootdn is. I have read several articles, even much of the Zytrax book, and I still cannot figure out what this rootdn is.
I get that it is a user, so maybe better stated, I don't understand where the user exists. Is it an OS user with filesystem privileges? Is it a user that exists in every DIT? If so, when/where is it used, can you have multiple, is it only usable/accessible when you "include" the core.schema, ...?
If I had to guess, I would say:
- A rootdn exists in the DIT as a completely arbitrary user (absolutely no relation to the OS)
- There can only be one rootdn per DIT
- (Consequently) If a parent defines a rootdn, any referral cannot
- The rootdn is used for some kind of system action (who knows what)
I know this is the "technical" forum, but I am more interested in the "why to's" and "reasons behind" than the "how to's".
Any clarity would be greatly appreciated.
Thanks,
JD