[Date Prev][Date Next] [Chronological] [Thread] [Top]

root dn password: which one is the reference?

To: openldap-technical@openldap.org
Subject: root dn password: which one is the reference?
From: Jephte Clain <jephte.clain@univ-reunion.fr>
Date: Mon, 23 Feb 2015 11:37:29 +0400
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.0

hello,

I have an ldap server with rootdn cn=admin,dc=domain,dc=tld and passwordset in cn=config (this is openldap 2.4.40 on debian squeeze)

I have also the ldap objet cn=admin,dc=domain,dc=tld in the database,with a *different* password


both password seem to authenticate. is this expected?

This used NOT to work (I don't remember but I think it was on an oldversion using slapd.conf).I have always considered the password defined in cn=config to be thelast resort password, in case the database is corrupted. but when thedatabase is active, I expect the password in the database to be thereference. Being able to regularly change the root dn password lookslike a good thing to me.

Obviously I'm wrong :-)
Out of curiosity, when did this change, if ever?

TIA. with best regards,

--
Jephté Clain
Direction des Systèmes d'Information
et des Usages Numériques - 2IG
Tél. 0262 93 86 31
Fax. 0262 93 81 06

Follow-Ups:
- Re: root dn password: which one is the reference?
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Antw: Re: create new user with same UID and GID
Next by Date: Re: create new user with same UID and GID
Index(es):
- Chronological
- Thread