I’m trying to understand the openldap configuration in yunohost.
If I have a look at the result of “ps aux|grep slapd” and the /etc/ldap/slapd.d folder it seems the LDAP is running with cn=config, but I also have a slapd.conf file, not sure why?
Is it a left-over from upgrade to stretch that I can delete or is it used for something?
And I cannot access cn=config through ldapsearch using “sudo ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config” it gives no result.
After some troubleshooting I’d say this is because of a missing ACL, are the ACLs different from the default debian ones? (the debian default setup allows access to cn=config)
Also, it seems yunohost does not fill /etc/ldap/ldap.conf with the ldap base and uri, could this be added?
So it does seem access by root has been removed on purpose, and I’m not sure also why the rootdn is different, and what are all these other options for.
I tried to look into yunohost sources but I can’t find stuff specific to slapd except the slapd.conf, maybe these options are the result of some automatic conversion from slapd.conf, but then I’m not sure why the ACL would be preventing configuration edition.