or administrative limit restrictions for operations on this database.
.TP
.B rootpw <password>
-Specify a password for the rootdn.
+Specify a password (or hash of the password) for the rootdn.
+This option accepts all password formats known to the server
+including \fB{SHA}\fP, \fB{MD5}\fP, \fB{CRYPT}\fP, and cleartext.
+Cleartext passwords are not recommended.
.TP
.B suffix <dn suffix>
Specify the DN suffix of queries that will be passed to this
+#
+# See slapd.conf(5) for details on configuration options.
+# This file should NOT be world readable.
+#
include %SYSCONFDIR%/slapd.at.conf
include %SYSCONFDIR%/slapd.oc.conf
schemacheck off
rootdn "cn=root, dc=your-domain, dc=com"
#rootdn "cn=root, o=Your Organization Name, c=US"
rootpw secret
+# cleartext passwords, especially for the rootdn, should
+# be avoid. See slapd.conf(5) for details.