Am 27.10.23 um 09:51 schrieb Alejandro Imass:
> Thank you for answering my question, comments below:
>
> On Thu, Oct 26, 2023 at 10:52 PM Uwe Sauter <[email protected]
> <mailto:[email protected]>> wrote:
>
>
> when comparing the LDIF you used to initialize with the slapcat output,
> what I can see is that
> you have no distict
> definition of olcDatabase={0}config,cn=config. I suspect that OpenLDAP
> then used default vaules,
> including the "to * by
> * none" ACL.
>
>
> None of the docs or any examples show to setup a specific section for
> olcDatabase={0}config,cn=config not even the default ldif file that comes
> with the distribution.
Having olcDatabase={0}config,cn=config in the original LDIF which you use to
initialize the LDAP
server is usually a good idea because you can do configuration there that you
otherwise would need
to modify lateron.
> Try the following (and replace with the correct URL):
>
> $ ldifmodify -x -H ldap://localhost/ -D cn=config -W << EOF
> > dn: olcDatabase={0}config,cn=config
> > changetype: modify
> > add: olcRootPW
> > olcRootPW: {SSHA}cZbRoOhRew8MBiWGSEOiFX0XqbAQwXUr
> > EOF
>
>
> What is ldifmodify ?
I meant to write ldapmodify…
> Thank you for this, I have saved it to my cheat sheet !
Glad you solved the issue. You're welcome.
