Revision bc859677
Added by Jonathan CLARKE over 7 years ago
rudder-inventory-ldap/SOURCES/slapd.conf | ||
---|---|---|
access to dn.base="" by * read
|
||
access to dn.base="cn=Subschema" by * read
|
||
|
||
# Allow access to monitor statistics by the rootdn of the main DB
|
||
# (this is a different DB, so not implicitly allowed)
|
||
access to dn.subtree="cn=Monitor" by dn="cn=Manager,cn=rudder-configuration" read
|
||
|
||
# No other access to the directory contents (except by the rootdn, but that is implicit)
|
||
access to * by * none
|
||
# ACLs - end
|
||
... | ... | |
index objectClass eq
|
||
|
||
# 2 - Monitor
|
||
|
||
# Query statistics here by running:
|
||
# ldapsearch -x -D "cn=Manager,cn=rudder-configuration" -w $(grep ^rootpw /opt/rudder/etc/openldap/slapd.conf | sed 's/^rootpw *//') -b 'cn=Monitor' -s sub '+'
|
||
database monitor
|
Also available in: Unified diff
Fixes #9818: Rudder's LDAP server configuration does not allow to query the monitor DB