Re: How to control the BIND operation using ACI | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
You can do it like this, for example : ---------------------------------- aci: (targetattr = "uniqueMember || uidNumber || gidNumber || homeDirectory || loginShell || gecos")(version 3.0; acl "Enable attributes to read for certain ip adresses and to authentified users"; allow (read,search,compare)(((ip="192.168.0.*") or (ip="172.16.191.* ") or (ip="192.168.1.15") or (ip="172.16.126.1")) and (userdn="ldap:///all";));) ------------------------------------ Or you can simply use iptables... 2008/5/8 C.S.R.C.Murthy <murthy@xxxxxxxxxxx>: > Hello all, > Iam using directory server for squid ldap authentication. Squid takes > username/password, binds the directory server and if the BIND operation is > successful it allows the user through proxy. My problem is how to specify an > ACI so that BIND operation is allowed only from certain IP address?. ACI > allows me to restrict READ/SEARCH/WRITE operations but not BIND operation. > Please help. -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Fedora Directory Devel] [Fedora Announce] [Fedora Legacy Announce] [Home] [Fedora Tools] [Kernel] [Fedora Legacy] [Share Photos] [Fedora Desktop] [PAM] [Red Hat Watch] [Red Hat Development] [Red Hat 9 Bible] [Red Hat 9] [Big List of Linux Books] [Gimp] [Yosemite News]