Andreas Hasenack wrote:
>
> I find this a bit unexpected. Suppose someone manages to create an entry
> matching rootdn. Then this person would be able to become rootdn,
> bypassing the rootpw setting in slapd.conf.
If you're scared about the power of rootdn switch it off.
Ciao, Michael.
On Fri, Jun 15, 2007 at 04:31:48PM +0200, Hallvard B Furuseth wrote:
> Andreas Hasenack writes:
> > I was just wondering if this is expected behaviour.
>
> It's intended behavour that rootdn can be the name of an entry and you
> can use that entry's password.
Agreed
> When both an entry and root
Andreas Hasenack writes:
> I was just wondering if this is expected behaviour.
It's intended behavour that rootdn can be the name of an entry and you
can use that entry's password.
When both an entry and rootpw exist, backends are currently inconsistent
about which one is used. (Which backend ar
I was just wondering if this is expected behaviour.
If rootdn happens to match an existing entry in the directory, and that
entry has a userPassword attribute, the rootpw value in slapd.conf is
ignored and userPassword is used instead.
I find this a bit unexpected. Suppose someone manages to crea
