I was adding my domain to the LDAP database and created a file called ldapdomain.ldif for my domain:

dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by 
dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth"
  read by dn.base="cn=Manager,dc=example,dc=com" read by * none

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: dc=example,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=Manager,dc=example,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}PASSWORD

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=Manager,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=Manager,dc=example,dc=com" write by * read

I'm trying to set up an OpenLDAP server on CentOS, and I was following this tutorial www.tecmint.com/install-openldap-server-for-centralized-authentication, but I got stuck at step 10. When I tried to add the ldapdomain.ldif file configuration to the LDAP database, I got an error message saying:

ldap_modify: Other (e.g., implementation specific) error (80) additional info : <olcAccess> handler exited with 1

  • I'm trying to set up an OpenLDAP server on CentOS, and I was following this tutorial www.tecmint.com/install-openldap-server-for-centralized-authentication, but I got stuck at step 10. When I tried to add the ldapdomain.ldif file configuration to the LDAP database, I got an error message saying handler exited with 1 – Imane Cherkaoui Mar 22 '19 at 20:55
  • See https://serverfault.com/questions/490638/ldap-modify-other-e-g-implementation-specific-error-80-olcaccess-handl?rq=1 for a possible similar problem – Todd Wilcox Mar 22 '19 at 22:05
  • You have five distinct operations in your LDIF file. Which one fails? – Michael Ströder Mar 29 '19 at 21:02

1 Answer

You are setting

olcRootDN: cn=Manager,dc=example,dc=com

There is no access control applied to the rootdn anyway. So you can remove all the clauses for cn=Manager,dc=example,dc=com.
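
The answer's point, as an added example that is not part of the original post or the tutorial: a small Python check that unfolds an LDIF file and lists the `by` clauses naming a database's own `olcRootDN`, which have no effect because slapd applies no access control to the rootdn. The sample LDIF is constructed from the question's file, and the function names, the simplified DN comparison and the set of `dn` styles treated as exact matches are assumptions of this example.

```python
import re
# Constructed sample modelled on the question's LDIF; folded lines start with a space.
SAMPLE_LDIF = '''\
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootDN
olcRootDN: cn=Manager,dc=example,dc=com

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by
  dn="cn=Manager,dc=example,dc=com" write by anonymous auth by self write by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to * by dn="cn=Manager,dc=example,dc=com" write by * read
'''
BY_CLAUSE = re.compile(r'\bby\s+((?:[\w.]+=)?"[^"]*"|\S+)\s+(\S+)')
EXACT_STYLES = {"dn", "dn.base", "dn.exact"}  # assumption: treated as exact-DN matches

def unfold(text):
    """Join LDIF continuation lines (RFC 2849: a leading space continues the previous line)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]  # drop exactly one space, append the rest
        else:
            lines.append(raw)
    return lines

def norm_dn(dn):
    """Simplified DN comparison: case-insensitive, whitespace around commas ignored."""
    return ",".join(part.strip().lower() for part in dn.strip('"').split(","))

def redundant_rootdn_clauses(ldif_text):
    """Return (database dn, ACL index, who, access) for by-clauses naming that database's rootdn."""
    rootdn, acls, current = {}, {}, None
    for line in unfold(ldif_text):
        name, _, value = (s.strip() for s in line.partition(":"))
        if name.lower() == "dn":
            current = value  # the rootdn is a per-database setting, so group by entry
        elif name.lower() == "olcrootdn":
            rootdn[current] = norm_dn(value)
        elif name.lower() == "olcaccess":
            acls.setdefault(current, []).append(value)
    return [(db, acl[:acl.find("}") + 1], who, access)
            for db, values in acls.items() for acl in values
            for who, access in BY_CLAUSE.findall(acl)
            if who.partition("=")[0].lower() in EXACT_STYLES
            and norm_dn(who.partition("=")[2]) == rootdn.get(db)]
```

On the sample it reports the `cn=Manager` clauses in rules `{0}` and `{2}`; clauses in a different database entry are not reported, since the rootdn is set per database.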