[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: hide attribute

To: Emmanuel Dreyfus <manu@netbsd.org>
Subject: Re: hide attribute
From: Michael Ströder <michael@stroeder.com>
Date: Sat, 20 Dec 2008 22:07:29 +0100
Cc: openldap-devel@openldap.org
In-reply-to: <1is9nsh.1cfnktvhj7av9M%manu@netbsd.org>
References: <1is9nsh.1cfnktvhj7av9M%manu@netbsd.org>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.19) Gecko/20081204 SeaMonkey/1.1.14

Emmanuel Dreyfus wrote:
> Michael Ströder <michael@stroeder.com> wrote:
> 
>> So why not point these ill-designed apps to a different DSA implemented
>> by back-ldap with such an ACL?
> 
> Yes, that would work. It moves the setup to clients, with might be a bit
> more complicated to handle than the server for system administrators:
> there can be many clients, some of them you don't manage yourself.

=> Use back-ldap based setup for all anon access. Access to the real DSA
only to authenticated clients.

Ciao, Michael.

References:
- Re: hide attribute
  - From: manu@netbsd.org (Emmanuel Dreyfus)

Prev by Date: Re: hide attribute
Next by Date: Re: hide attribute
Index(es):
- Chronological
- Thread