Public bug reported:

In [1], the way the admin user is configured is wrong. You shouldn't make an admin user in ou=people *and* set an olcRootPW as well. See [2]. If you do specify an olcRootPW, don't make the admin user. If you do both, you can have an admin user with two passwords (which I had).
Also, the password is supplied in plain text, meaning the server also stores it as plain text (do: ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b olcDatabase={1}hdb,cn=config to see your password in the tree). Instead, generate a hash with slappasswd. So, either use olcRootPW or make an admin entry in ou=people. The 12.04 docs seem to do it right (they make the entry without rootpw).

[1] https://help.ubuntu.com/10.04/serverguide/openldap-server.html
[2] http://www.openldap.org/doc/admin24/access-control.html#Controlling%20rootdn%20access

** Affects: ubuntu-docs (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1094842

Title:
  Ubuntu 10.04 ldap creates admin user with two (plain text) passwords
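
Added example (not part of the original bug report or of the Ubuntu documentation): a Python check for the two conditions the report describes, run over LDIF such as the ldapsearch command above prints. The sample LDIF, DNs and password values are constructed, and DN comparison is assumed to be a simple lowercase match.

```python
import base64
import re

SCHEME = re.compile(r"^\{[A-Za-z0-9-]+\}")  # hash prefix such as {SSHA}, as slappasswd emits

def parse_ldif(text):
    """Return a list of {attr_lowercase: [values]} dicts; handles folded and base64 lines."""
    unfolded = re.sub(r"\n ", "", text)  # a continuation line starts with one space
    entries = []
    for block in re.split(r"\n\s*\n", unfolded.strip()):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, rest = line.partition(":")
            if rest.startswith(":"):  # "attr:: <base64>"
                value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
            else:
                value = rest.strip()
            entry.setdefault(name.lower(), []).append(value)
        if entry:
            entries.append(entry)
    return entries

def audit(config_ldif, data_ldif):
    """Flag plaintext passwords and a rootdn that also has its own userPassword entry."""
    config, data = parse_ldif(config_ldif), parse_ldif(data_ldif)
    findings = []
    for entry in config + data:
        for attr in ("olcrootpw", "userpassword"):
            for value in entry.get(attr, []):
                if not SCHEME.match(value):
                    findings.append(f"plaintext {attr} on {entry.get('dn', ['?'])[0]}")
    with_pw = {e["dn"][0].lower() for e in data if "userpassword" in e and "dn" in e}
    for db in config:
        rootdn = db.get("olcrootdn", [""])[0].lower()
        if "olcrootpw" in db and rootdn in with_pw:
            findings.append(f"two passwords for rootdn {rootdn}")
    return findings

# Constructed sample input (not taken from a real server).
CONFIG = """dn: olcDatabase={1}hdb,cn=config
olcRootDN: cn=admin,ou=people,dc=example,dc=com
olcRootPW: secret
"""
DATA = """dn: cn=admin,ou=people,dc=example,dc=com
userPassword:: c2VjcmV0
"""

if __name__ == "__main__":
    for finding in audit(CONFIG, DATA):
        print(finding)
```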