--On Thursday, September 17, 2020 9:04 AM -0700 Quanah Gibson-Mount
<[email protected]> wrote:
The rootdn does not require a password, and most deployments don't set
one, so your understanding here is deeply flawed.
Rootdn is required for some overlays and databases for internal
operations. This still doesn't require a root password to be set.
As a side note, it's also entirely possible to simply add a mapping rule
for a SASL mechanism to the rootdn, whether that's via certificates, LDAPI
mapping with external, etc. But there is no requirement for a root
password to be set/configured.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
