Re: How to control the BIND operation using ACI | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
If you have a complete control over an application configuration, anyway you can do anything you want, even use/etc/passwd file instead of LDAP :) If you consider however that a bind limitation based on the ACIs could be a useful feature you can request this feature at the bugzilla of Fedora Directory Server (bugzilla.redhat.com). I don't know whether this feature exists in OpenLDAP or Active Directory... 2008/5/11 <murthy@xxxxxxxxxxx>: > Thank you very much for the URLs. This will help me to control users of > which group can authenticate using ldap and go through proxy. I will > follow this approach. > > > As far as i can see making a quick google search squid can do > > authorisation using ldap fi> Still there is the case where if the squid proxy server is administered > by some other people, they can bypass this restriction as instead of > defining filters for ldap operation, they can simply use BIND operation > to get authenticated. This can never be controlled at the LDAP server > level. For that matter this can be used by any application to bypass > group level control. -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Fedora Directory Devel] [Fedora Announce] [Fedora Legacy Announce] [Home] [Fedora Tools] [Kernel] [Fedora Legacy] [Share Photos] [Fedora Desktop] [PAM] [Red Hat Watch] [Red Hat Development] [Red Hat 9 Bible] [Red Hat 9] [Big List of Linux Books] [Gimp] [Yosemite News]