On Mon, Mar 07, 2011 at 05:26:51PM +0000, Gervase Markham wrote: > How does one use an LDAP browser to view and change the cn=config config? > > I am using the OpenLDAP 2.4.23 package from Ubuntu 10.10, and have > been using both "luma" and more recently ApacheDS. I have tried an > enormous number of ways all afternoon, but feel I'm stumbling in the > dark. Do I have to use a special bind DN and password, or should the > RootDN and password for my normal data do? If it's special, what is > it? Where is it configured?
Most browsers treat the schema DN as a special case. In Apache Directory Studio, right-click on the LDAP connection and select 'open schema browser'. jXplorer has the schema in a separate panel/tab. > I can view the data using ldapsearch, as root: > > ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config You should normally be able to view schema when bound anonymously. For permission to change it through LDAP, maybe you should be looking at ACLs rather than rootDN? Andrew -- ----------------------------------------------------------------------- | From Andrew Findlay, Skills 1st Ltd | | Consultant in large-scale systems, networks, and directory services | | http://www.skills-1st.co.uk/ +44 1628 782565 | -----------------------------------------------------------------------
