Comment 10 for bug 571057

As touched on in the discussion for bug #563829, the release notes should also mention that after upgrading to slapd 2.4.21-0ubuntu5, the user will need to manually clean up the slapd config files in order to complete the switch from the use of the "cn=localroot,cn=config" mapping to the direct use of the "gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" identifier in the security configuration. (This is true even when slapd does start up successfully after the upgrade.)

As far as I can tell from my own testing, this cleanup would involve removing any olcAccess lines referencing "cn=localroot,cn=config" from all /etc/ldap/slapd.d/cn=config/olcDatabase*.ldif files, and also removing the olcAuthzRegexp line mentioning that identifier from the /etc/ldap/slapd.d/cn=config.ldif file.