https://bugzilla.novell.com/show_bug.cgi?id=763389
https://bugzilla.novell.com/show_bug.cgi?id=763389#c2
Ralf Haferkamp
Is it needed there? We've never actually write it into /etc/ldap.conf ... Hm, no. /etc/ldap.conf allows setting a binddn, but using the same value as in /etc/sysconfig/ldap is the wrong choice in most cases.
The DN defined in /etc/sysconfig/ldap is usually a priviledge DN (it has at least some administrative rights on the LDAP Server) in most cases it currently will just be the Admin DN. The one in ldap.conf should be one with only just enough priviledges to read the users and groups. It shouldn't have any write access. If we'd want to support binddn in ldap.conf we'd need to add addtional elements to the UI as well. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.