Hello- Thanks to the help of Michael and others I was able to migrate my root dn user from slapd.conf to the database. (BTW should I file a bug for bad documentation on example from 7.1 from [1]?)
Here's how I did it (for the curious and benefit of future users/searchers):: Add rootdn user to ldif (/tmp/entries.ldif):: # Organization for Example Corporation dn: dc=example,dc=com objectClass: dcObject objectClass: organization dc: example o: Example Corporation description: The Example Corporation # Organizational Role for Directory Manager dn: cn=Manager,dc=example,dc=com objectClass: organizationalRole objectClass: simpleSecurityObject cn: Manager description: Directory Manager userPassword: secret load it:: ldapadd -x -D "cn=Manager,dc=example,dc=com" -w secret -f /tmp/entries.ldif stop ldap comment out "rootdn" and "rootpw" from slapd.conf start ldap test user from db:: ldapwhoami -x -D "cn=Manager,dc=example,dc=com" -w secret Yeah! It works! So, now back to my original issue. Updating the rootdn password. When I try the following it fails:: ldappasswd -x -v -S -w secret -D cn=Manager,dc=example,dc=com cn=Manager,dc=example,dc=com New password: Re-enter new password: ldap_initialize( <DEFAULT> ) Result: Insufficient access (50) I also have another user that I added and tried to update his password and got the same error:: ldappasswd -x -v -S -w secret -D cn=Manager,dc=example,dc=com cn=s2searchuser,ou=InternalPerson,cn=Manager,dc=example,dc=com New password: Re-enter new password: ldap_initialize( <DEFAULT> ) Result: Insufficient access (50) If I stop ldap, put rootdn/rootpw back in slapd, start ldap and re-run the above and it works:: $ ldappasswd -x -v -S -w secret -D cn=Manager,dc=example,dc=com cn=s2searchuser,ou=InternalPerson,cn=Manager,dc=example,dc=com New password: Re-enter new password: ldap_initialize( <DEFAULT> ) Result: Success (0) I'm sure I'm missing something that is probably obvious to the seasoned veterans, but frustrating to a newbie like me. If anyone can point me further in the right direction that'd be great. thanks much -matt 1 - http://www.openldap.org/doc/admin22/dbtools.html
