Re: How to control the BIND operation using ACI

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You can do it like this, for example :

----------------------------------
aci: (targetattr = "uniqueMember || uidNumber || gidNumber ||
homeDirectory ||  loginShell || gecos")(version 3.0; acl "Enable
attributes to read for certain ip adresses and to authentified users";
allow (read,search,compare)(((ip="192.168.0.*") or (ip="172.16.191.*
") or (ip="192.168.1.15") or (ip="172.16.126.1")) and
(userdn="ldap:///all";));)
------------------------------------
Or you can simply use iptables...


2008/5/8 C.S.R.C.Murthy <murthy@xxxxxxxxxxx>:
> Hello all,
>    Iam using directory server for squid ldap authentication. Squid takes
> username/password, binds the directory server and if the BIND operation is
> successful it allows the user through proxy. My problem is how to specify an
> ACI so that BIND operation is allowed only from certain IP address?. ACI
> allows me to restrict READ/SEARCH/WRITE operations but not BIND operation.
> Please help.

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux