I attempted to implement the above mentioned condition.What I did is I created two Project - DICE and IM under ou=People. As for test, I created two User - Shamim and Shreepath under IM and I created two Users - Sapna and Vinod under DICE Now I went to Fedora DS Console and tried setting the below mentioned ACL on DICE project: ------------------------------------------------------------------------ -------------------------------------------------- (targetattr = "*") (target = "ldap:///ou=DICE,ou=People, dc=im,dc=logica,dc=com") (version 3.0;acl "Restrcited for IM Hosts";deny (all)(userdn = "ldap:///uid=Shreepath,ou=IM,ou=People, dc=im,dc=logica,dc=com" or userdn = "ldap:///uid=shamim,ou=IM,ou=People, dc=im,dc=logica,dc=com") and (ip="10.14.0.*");) ------------------------------------------------------------------------ -------------------------------------------------------- All I am trying not to let specific host and users of specific projects to access the DICE project. Am I right in doing that?? This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20080212/da8a274b/attachment.html
