Also, the following sections differ by shadowLastChange. Which one is correct?
backend.example.com.ldif
olcAccess: to attrs=userPassword by dn="cn=admin,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=example,dc=com" write by * read
in ACL section
dn: olcDatabase={1}hdb,cn=config
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=exampl
e,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=admin,dc=example,dc=com" write by * read
and also in the ACL section:
ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase=hdb olcAccess
but it looks like there is no place in the guide where we had set a password for that?
Instead, I used:
ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b cn=config olcDatabase=hdb olcAccess
Also, the following sections differ by shadowLastChange. Which one is correct?
backend. example. com.ldif admin,dc= example, dc=com" write by anonymous auth by self write by * none tChange by self write by * read admin,dc= example, dc=com" write by * read
olcAccess: to attrs=userPassword by dn="cn=
olcAccess: to attrs=shadowLas
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=
in ACL section {1}hdb, cn=config ord,shadowLastC hange by dn="cn= admin,dc= exampl admin,dc= example, dc=com" write by * read
dn: olcDatabase=
olcAccess: {0}to attrs=userPassw
e,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=
and also in the ACL section:
ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase=hdb olcAccess
but it looks like there is no place in the guide where we had set a password for that?
Instead, I used:
ldapsearch -Y EXTERNAL -H ldapi:/// -LLL -b cn=config olcDatabase=hdb olcAccess