On Thu, Apr 21, 2011 at 12:32 PM, Erwann ABALEA <[email protected]> wrote: > 2011/4/21 Jose Ildefonso Camargo Tolosa <[email protected]>: >> On Thu, Apr 21, 2011 at 11:47 AM, Olivier Guillard >> <[email protected]> wrote: >>>> No, that is not the meaning of "add". >>> >>> In that case, how can you change >>> olcRootPW: MySecretPassword >> >> If you forgot your rootdn pass, and have no other user that with write >> privileges to cn=config, I guess you would need to slapcat your >> config, edit it, delete old config, and reload with slapadd. Or... >> take the risk and just edit the file by hand. > > Or use the ldapi:// URI, with "EXTERNAL" SASL mechanism, and correct ACL.
Ok.... can you elaborate? if you can do this, I feel that this is almost a security problem (where you can bypass LDAP authentication by using an external auth that was not previously configured on the directory).
