[Fedora-directory-devel] BIND control using ACI feature request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dear sir,
The ACI in fedora directory server can be used to control only search/read/write operations but not BIND operation. This limitation leads to certain deficiencies as below, Suppose for an application that is using ldap for authentication verification, we want to specify that uids belonging to certain group can only authenticate but not the entire spectrum of uids, there is no way to code it in ACI. This is because the application can simply do a BIND operation with UID belonging to any group and corresponding password and gets authenticated. So even though I make groups Iam unable to enforce authentication control.
May I request you to provide BIND control using ACI in future directory server release. 

regards
murthy

begin:vcard
fn:murthy chandragiri
n:chandragiri;murthy
email;internet:murthy@xxxxxxxxxxx
tel;work:+91-22-25595217
version:2.1
end:vcard


--
Fedora-directory-devel mailing list
Fedora-directory-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-devel
[Index of Archives]     [Fedora Directory Announce]     [Fedora Users]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Review]     [Fedora Art]     [Fedora Music]     [Fedora Packaging]     [CentOS]     [Fedora SELinux]     [Big List of Linux Books]     [KDE Users]     [Fedora Art]     [Fedora Docs]

  Powered by Linux