search for: slapd_group

...>> dn.subtrees, >> #?? other output of a filter is silently dropped >> access to dn.subtree="<DN-TO-WITH-READ-ACCESS>" >> ??? by users read >> ??? by * none >> >> /etc/default/slapd: >> >> SLAPD_USER="openldap" >> SLAPD_GROUP="openldap" >> SLAPD_PIDFILE= >> SLAPD_SERVICES="ldaps:///" >> SLAPD_SENTINEL_FILE=/etc/ldap/noslapd >> SLAPD_OPTIONS="" >> >> I am using this for LDAP queries from my DMZ. It needs just one open >> port (tcp/636) and limits ld...

Der Rowland, We share that concerns actually and of course if there is a way to avoid it, it is always better. Another fellow suggested us an LDAP-Proxy instead (personally have never setup one). What we actually need in our case scenario, is only that service and not the rest of bells and whistles of an RODC. I just was wondering if someone had experience with what happens if one does

...de /usr/local/openldap-2.3.9/etc/openldap/schema/cosine.schema include /usr/local/openldap-2.3.9/etc/openldap/schema/inetorgperson.schema include /usr/local/openldap-2.3.9/etc/openldap/schema/nis.schema include /usr/local/openldap-2.3.9/etc/openldap/schema/samba.schema SLAPD_USER="slapd" SLAPD_GROUP="slapd" pidfile /usr/local/openldap-2.3.9/var/run/slapd.pid argsfile /usr/local/openldap-2.3.9/var/run/slapd.args access to * by self write by dn="cn=Administrador,dc=NT,dc=DPT,dc=ES" write by * read access to attr=sambaLMPassword,sambaNTPassword by dn="cn=Administrado...