Server User Manual
cn=config
51
For information on changing the root DN, see the "Creating Directory Entries" chapter in the Directory
Server Administrator's Guide.
Parameter Description
Entry DN cn=config
Valid Values Any valid distinguished name
Default Value
Syntax DN
Example nsslapd-rootdn: cn=Directory Manager
2.3.1.93. nsslapd-rootpw (Root Password)
This attribute sets the password associated with the Manager DN. When the root password
is provided, it is encrypted according to the encryption method selected for the nsslapd-
rootpwstoragescheme attribute. When viewed from the server console, this attribute shows the
value *****. When viewed from the dse.ldif file, this attribute shows the encryption method
followed by the encrypted string of the password. The example shows the password as displayed in
the dse.ldif file, not the actual password.
WARNING
When the root DN is configured at server setup, a root password is required.
However, it is possible for the root password to be deleted from dse.ldif by directly
editing the file. In this situation, the root DN can only obtain the same access to the
directory is allowed for anonymous access. Always make sure that a root password is
defined in dse.ldif when a root DN is configured for the database. The pwdhash
command-line utility can create a new root password. For more information, see
Section 7.3.12, “pwdhash (Prints Encrypted Passwords)”.
Parameter Description
Entry DN cn=config
Valid Values Any valid password encrypted by any one of
the encryption methods which are described in
Section 2.3.1.142, “passwordStorageScheme
(Password Storage Scheme)”.
Default Value
Syntax DirectoryString {encryption_method
}encrypted_Password
Example nsslapd-rootpw: {SSHA}9Eko69APCJfF
2.3.1.94. nsslapd-rootpwstoragescheme (Root Password Storage
Scheme)
This attribute sets the encryption method used for the root password.
Parameter Description
Entry DN cn=config