Modifying cn=config in OpenLDAP without rootDN password
Using a configures “admin” user and the corresponding password, I successfully created a bind user uid=bind_user,ou=users,dc=work,dc=com on an OpenLDAP server. The bind user needed escalated privileges, but as the cn=admin,dc=work,dc=com user didn’t have write access to the cn=config database, all my efforts running commands such as ldapmodify on the bind user, resulted in this error message: I didn’t have access to the rootDN password, so I was kind of stuck for a while. Then I was advised to try ldapvi,…