----- Original Message -----
> From: "Dan White" <[email protected]>
> To: "Wiebe Cazemier" <[email protected]>
> Cc: "Maarten Vanraes" <[email protected]>,
> [email protected]
> Sent: Friday, 28 December, 2012 3:47:58 PM
> Subject: Re: Admin user has two passwords
>
> There is no admin user per se. There is an authentication identity that
> you can specify in your configuration with rootdn/olcRootDN, along with
> its password, rootpw/OlcRootPW.
>
> Creating the same DN within your DIT may confuse things, and it is not
> necessary that it actually exist (unless you do not specify a rootpw).
>
> See:
>
> http://www.openldap.org/doc/admin24/access-control.html#Controlling%20rootdn%20access
>
> and the slapd.conf/slapd-config man pages.
>
> --
> Dan White
>

Does that mean that the Ubuntu docs [1] give the wrong instructions? Because in its backend.example.ldif, it makes:

olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: secret

and then it loads an admin user with frontend.example.ldif:

# Admin user.
dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: secret

So what I should do is remove the admin user, and set olcRootPW (but then to a value generated with slappasswd to avoid plain text)?

[1] https://help.ubuntu.com/10.04/serverguide/openldap-server.html
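
Added example, not part of the original message or of the Ubuntu guide: a small LDIF check for the two conditions discussed in this thread, a DIT entry that carries its own userPassword under the same DN as olcRootDN, and password values stored without a {SCHEME} prefix. The function names and the sample LDIF (including the olcDatabase DN) are assumptions made for illustration.

```python
import base64, re

# Constructed sample modelled on the two LDIF fragments quoted in the message;
# the olcDatabase DN is an assumption, it is not given in the thread.
SAMPLE_LDIF = """\
dn: olcDatabase={1}hdb,cn=config
olcRootDN: cn=admin,dc=example,dc=com
olcRootPW: secret

dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
cn: admin
userPassword: secret
"""

SCHEME = re.compile(r"^\{[A-Za-z0-9-]+\}")  # e.g. {SSHA}, as printed by slappasswd

def parse_ldif(text):
    """Return a list of entries, each a list of (attribute, value) pairs."""
    text = re.sub(r"\r?\n ", "", text)  # unfold continuation lines
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = []
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue  # skip comments and anything that is not attr: value
            attr, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64>", common for userPassword
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            pairs.append((attr.strip().lower(), value.strip()))
        if pairs:
            entries.append(pairs)
    return entries

def norm_dn(dn):  # loose comparison: case-insensitive, no spaces around commas
    return ",".join(part.strip() for part in dn.lower().split(","))

def audit(text):
    entries = parse_ldif(text)
    root_dns = {norm_dn(v) for e in entries for a, v in e if a == "olcrootdn"}
    findings = []
    for e in entries:
        dn = next((v for a, v in e if a == "dn"), "")
        for a, v in e:
            if a in ("olcrootpw", "userpassword") and not SCHEME.match(v):
                findings.append(("plaintext", dn, a))  # value has no {SCHEME} prefix
        if norm_dn(dn) in root_dns and any(a == "userpassword" for a, _ in e):
            findings.append(("rootdn-shadow", dn, "userpassword"))  # second password
    return findings
```

Calling audit() on the concatenated config and data LDIF returns a list of (kind, dn, attribute) tuples; an empty list means neither condition was found.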
