When is ldapi:// -Y EXTERNAL needed? Apparently, cosine.ldif breaks without it

openldap

You use ldapadd -H ldapi:/// -Y EXTERNAL ... when you want to modify cn=config - the LDAP config itself. LDAP schema is a part of cn=config.

  • -H ldapi:/// - use UNIX-domain socket (/var/run/ldapi)
  • -Y EXTERNAL - use EXTERNAL mechanism for SASL

I'm not an expert in SASL mechanisms but in this case authentication will succeed if user has UID and GID equal to 0 - is a root.

Related

Show updated packages with Ansible package management
Robocopy - Overwrite all files unless file in destination is newer
Enable both brotli and gzip on NGINX?
High load average but low CPU usage and disk I/O [duplicate]
Ubuntu Err :18 http://dl.google.com/linux/chrome/deb stable Release.gpg KEYEXPIRED 1555048520
Ansible prompt a variable in a task
Ubuntu 20.04 ssh-keygen unknown option -G unable to generate Diffie-Hellman parameters
Is rpcbind needed for an NFS client?
wget to an IPv4 server from IPv6-only VPS
What is DHCP Rebinding?
Bash script parameters
Recursive cp copies folder contents instead of folder on OS X