In order to admin the 'cn=config' database you need the 'cn=config' admin, not the admin of the data DB. In debian such admin is root with SASL TLS External. Try
sudo ldapsearch -H ldapi:/// -Y EXTERNAL -b 'cn=config'
Once you've confirmed the above works, you can change the password. First, hash the value:
slappasswd -h {SSHA} -s "my_password"
Then, paste the hashed value into an ldif file such as ./change_ldap_password.ldif:
dn: olcDatabase={0}config,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}cZbRoOhRew8MBiWGSEOiFX0XqbAQwXUr
Finally, apply the ldif file:
sudo ldapmodify -H ldapi:/// -Y EXTERNAL -D 'cn=config' -f ./change_ldap_password.ldif
Changing passwords with ldapmodify is discouraged. If user exists (it is not this case), ldappasswd is way better.
