Hi! I've browsed the configuration page for slapd[1] and it mentions that, for starting from version 2.3, "The LDAP configuration engine allows all of slapd's configuration options to be changed on the fly, generally without requiring a server restart for the changes to take effect."
I'm using slapd 2.4.23-7 on a Debian Squeeze (testing). Trying to configure TLS support I've found this page[2] mentions using the cn=admin,dc=config account and a password for it. What is the user and password required to update the LDAP configuration database in a Debian-based configuration? I found out the password should be stored as olcRootPW in the olcDatabase={0}config. However, the default configuration lacks this password: --- # slapcat -n0 | grep -C 5 '^\(olcRootDN\|olcRootPW\)' olcAccess: {0}to * by * none olcAddContentAcl: TRUE olcLastMod: TRUE olcMaxDerefDepth: 15 olcReadOnly: FALSE olcRootDN: cn=config olcSyncUseSubentry: FALSE olcMonitoring: FALSE structuralObjectClass: olcDatabaseConfig entryUUID: ed743d3a-adc6-102f-9a18-f1967b980507 creatorsName: cn=config --- I found the easiest way was to add a olcRootPW option to the olcDatabase={0}config file (password generated using slappasswd) and then restarting the server. However, manually editing these files is discouraged, but I didn't find a better way. How should this be handled. Is there a specialized way of configuring the above mentioned password? Razvan [1] http://www.openldap.org/doc/admin24/slapdconf2.html [2] http://ilostmynotes.blogspot.com/2009/04/openldap-24-and-tls.html -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d46cfd4.4000...@rosedu.org