ldap, openldap, ldif, slapd

ldapadd / ldapmodify - adding database parameters


I'm a n00b when it comes to LDAP and wondering if someone could please help me.

I've been running through a tutorial (and have it working), but they seem to be doing something that doesn't appear to be the correct way of doing it, and I don't understand the syntax of how to do it another correct way.

That is: Manually editing the file: /usr/local/etc/slapd.d/cn=config/'olcDatabase={0}config.ldif'

And adding to the end of the file:

olcRootDN: cn=admin,cn=config
olcRootPW: S0m3H@sH

Contents of the 'olcDatabase={0}config.ldif' file (I have hashed a bunch of stuff so ignore the "x"'s):

# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 1cxxxxdc
dn: olcDatabase={0}config
objectClass: olcDatabaseConfig
olcDatabase: {0}config
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=extern
 al,cn=auth" manage by * none
structuralObjectClass: olcDatabaseConfig
entryUUID: 241xxcxx-9xxx-xxx5-xxxe-xxxxxxxfxx2
creatorsName: cn=config
createTimestamp: 2020xxxxxxx2xx
entryCSN: 20201110xxxx8.7xxxxZ#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 202xxxxxxxxx

Now, as the file header reads "AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify", I'm trying to use ldapmodify to update the file and add the parameters I need... I know how to run ldapmodify, but have no idea how to go about generating/creating the LDIF to make the change.

I run ldapmodify something like:

/usr/bin/ldapmodify -a -x -D "cn=Manager,dc=xxxxxx,dc=xxxxx,dc=xxx,dc=xx" -w "xxxxxxx" -f /etc/openldap/schema/update_rootdnpw.ldif

Need some help creating that update_rootdnpw.ldif file please.

Many thanks!


Solution

  • Finally got it:

    dn: olcDatabase={0}config,cn=config
    changetype: modify
    add: olcRootDN
    olcRootDN: cn=admin,cn=config
    
    dn: olcDatabase={0}config,cn=config
    changetype: modify
    add: olcRootPW
    olcRootPW: {SSHA}<pass-hash>
    

    And execute using:

    ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/update_rootdnpw.ldif