On Mon, 2007-10-01 at 07:27 -0700, Craig White wrote: > On Mon, 2007-10-01 at 07:40 -0500, Steve Rigler wrote: > > On Sun, 2007-09-30 at 19:15 +0200, Felix Schwarz wrote: > > > Eventually I found the problem: > > > nscd did bind anonymously and slapd was configured to prevent access to ldap > > > information by anonymous users. I thought that specifying "rootbinddn" and the > > > correct password in ldap.secret would prevent that but obviously nscd needs > > > "binddn" and "bindpw" in ldap.conf. > > > > > > fs > > > > > > > nscd runs as user "nscd" so it's not going to use rootbinddn. > ---- > rootbinddn does not have anything to do with 'user root' > > 'User root' can bind as whatever is in /root/.ldaprc which by default is > nothing which will default to whatever values are set as binddn/bindpw > in /etc/ldap.conf > > rootbinddn is the all-powerful bind of LDAP > > Craig It has a lot to do with user root if you use rootbinddn in "/etc/ldap.conf" and put the password into "/etc/ldap.secret" which should only be readable by root. -Steve