From: Howard Chu <hyc@openldap.org>
Date: Thu, 4 Jun 2009 12:26:29 +0000 (+0000)
Subject: Note that pam-session logging requires a rootdn
X-Git-Tag: ACLCHECK_0~516
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=973c1698cb3bcf229faf5f897f86375d373fd9e8;p=openldap

Note that pam-session logging requires a rootdn
---

diff --git a/contrib/slapd-modules/nssov/slapo-nssov.5 b/contrib/slapd-modules/nssov/slapo-nssov.5
index d91ad4628f..855647d967 100644
--- a/contrib/slapd-modules/nssov/slapo-nssov.5
+++ b/contrib/slapd-modules/nssov/slapo-nssov.5
@@ -247,7 +247,9 @@ of the form
 .RE
 Upon logout the corresponding value will be deleted. This feature allows
 a single LDAP Search to be used to check which users are logged in across
-all the hosts of a network. By default no services are configured.
+all the hosts of a network. The rootdn of the database is used to perform
+the updates of the loginStatus attribute, so a rootdn must already be
+configured for this feature to work. By default no services are configured.
 .LP
 The PAM functions support LDAP Password Policy as well. If the password
 policy overlay is in use (see