You can do it like this, for example : ---------------------------------- aci: (targetattr = "uniqueMember || uidNumber || gidNumber || homeDirectory || loginShell || gecos")(version 3.0; acl "Enable attributes to read for certain ip adresses and to authentified users"; allow (read,search,compare)(((ip="192.168.0.*") or (ip="172.16.191.* ") or (ip="192.168.1.15") or (ip="172.16.126.1")) and (userdn="ldap:///all";));) ------------------------------------ Or you can simply use iptables... 2008/5/8 C.S.R.C.Murthy <murthy at barc.gov.in>: > Hello all, > Iam using directory server for squid ldap authentication. Squid takes > username/password, binds the directory server and if the BIND operation is > successful it allows the user through proxy. My problem is how to specify an > ACI so that BIND operation is allowed only from certain IP address?. ACI > allows me to restrict READ/SEARCH/WRITE operations but not BIND operation. > Please help.
