> Hi, > > I thought that the rootdn of the config backend is hardcoded to > "cn=config".
Originally, it was. Now it's not. If you're fine with simple bind, then you can use simple bind by adding a "rootpw <yoursecret>" statement below the "database config", and binding as the "cn=config" which is the default rootdn, or specify a "rootdn <yourDN>" as well and bind as that DN. Since in the original message you appeared to be using SASL LOGIN, you can keep using that. In that case you need to use, as rootdn, the DN of the identity you want to bind as. When you bind with SASL, the SASL identity is transformed in a DN like "uid=<user>,cn=<realm>,cn=<mech>,cn=auth" (cn=<realm> is optional). You can choose to map this DN onto a real user, or leave it as is. In any case, you can then use the resulting DN as the rootdn of the config database. See slapd.conf(5) and the Admin Guide for further details. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: [EMAIL PROTECTED] ------------------------------------------
