title: OpenDJ Super Users link: https://onemoretech.wordpress.com/2012/10/11/opendj-super-users/ author: lembobro description: post_id: 3506 created: 2012/10/11 14:36:52 created_gmt: 2012/10/11 18:36:52 comment_status: closed post_name: opendj-super-users status: publish post_type: post

OpenDJ Super Users

"How to create an Administrator with Root User Privileges". Stumbled on this in the the OpenDS 2.2 Administrator's Guide. This is found under Managing Administrators. No telling how long it may be available, so I'm recording the relevant example (modified somewhat) here.

dn: uid=admin,ou=special users,dc=example,dc=com
changetype: modify
add: ds-privilege-name
ds-privilege-name: bypass-acl
ds-privilege-name: modify-acl
ds-privilege-name: config-read
ds-privilege-name: config-write
ds-privilege-name: ldif-import
ds-privilege-name: ldif-export
ds-privilege-name: backend-backup
ds-privilege-name: backend-restore
ds-privilege-name: server-shutdown
ds-privilege-name: server-restart
ds-privilege-name: disconnect-client
ds-privilege-name: cancel-request
ds-privilege-name: password-reset
ds-privilege-name: update-schema
ds-privilege-name: privilege-change
ds-privilege-name: unindexed-search

That's it, all the Good Stuff™. Not sure I'd actually set anyone up with all of these privileges, but I can think of a couple that might come in handy, like "unindexed-search" for my application accounts (so much for limits on index entries!).

Copyright 2004-2019 Phil Lembo