I am quite familiar with openldap
. The dynamic configuration is quite new to me. So I wanted to make life easier and change openldap
configuration through Apache Directory Studio GUI.
Openldap
is installed on Debian Jessie and Version slapd 2.4.40+dfsg-1+deb8u1 amd64
Tried to follow this way:
http://gos.si/blog/installing-openldap-on-debian-squeeze-with-olc
But I can't access it:
ldapsearch -b cn=config -D cn=admin,dc=domain -W
result: 32 No such object
First I thought it has to do with the ACLs and removed everything, but no change.
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config
works
So why does the olcRootDN have no rights? Also in the GUI I don't see the cn=config.
Thanks in advance for any help!
Best Answer
So I answer it by myself, got it now, big confusion and misunderstanding of the dynamic configuration. Maybe someone has the same problem:
There is a difference between
olcRootDN
indn: olcDatabase={1}mdb,cn=config and dn: olcDatabase={0}config,cn=config
in my case the
olcRootDN
inolcDatabase={0}config,cn=config
was not set at all. So I added it like explained in the link and alsoolcRootPW
.Now I can access the
cn=config
in Apache Directory Studio GUI and edit it comfortable. It is good to have two different Passwords to not accidently delete something incn=config