[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL



i know, i know, i've read the admin-guide for both v1.2 and v2.0
no, what i meant was: is there a possibility to do smth like:

access to *
    by dn="uid=admin,o=smth,c=smth" addr=my.i.p.address write

doon't bother the conditions, i just want to know, wheter the 'AND' of the
clauses is possible or not. (to write them just as above doesn't work,
ofcourse)
sorry if i that wasn't clear
regards
daniel


"Kurt D. Zeilenga" wrote:

> At 11:41 AM 10/6/00 +0200, Daniel Tiefnig wrote:
> >hi,
> >
> >if got a question again.
> >
> >kurt wrote in msg00176 (09/2000):
> >
> >> If the <what> or <who> statement includes multiple clauses, all
> >> clauses must match for the access to apply.  That is, the statement
> >> is evaluated using the AND of the clauses.
> >>
> >>        access to filter=(objectClass=person) attrs=userPassword
> >>                by self peername="IP:127\.0\.0\.1" write
> >
> >so slapd is checking for 'self' AND 'ip==127.0.0.1' but this only works
> >with openldap 2.x, correct?
>
> I don't be 1.2 supports the peername condition, but it supports
> other conditions (including addr and domain).
>
> Kurt

--
Daniel Tiefnig
Servertechnology
INFONOVA IT GmbH