[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL: Combining domain and other <who> directives?

To: Marian Steinbach <marian@ds.fh-koeln.de>
Subject: Re: ACL: Combining domain and other <who> directives?
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Wed, 24 Apr 2002 09:54:42 +0200
Cc: openldap-software@OpenLDAP.org
Organization: Dipartimento di Ingegneria Aerospaziale
References: <3CC5D741.2090205@ds.fh-koeln.de>

Marian Steinbach wrote:
> 
> Hello!
> 
> After digging into the admin guide and FAQmatic I am not yet aware of
> how to solve this problem:
> 
> I only want to allow access to an OpenLDAP 2 server from one domain.
> Within that domain, some other <who> directives are important in order
> to allow different access from none to write. Maybe I am suffering from
> total misconception, but I am just missing boolean operators like "NOT"
> operator or an "AND", that's why I cant formulate the rules in OpenLDAP
> lingo.
> 
> In pseudo code, this is what I am after:
> 
> access to *
>   if (domain ==  .*.domain.tld) {
>       if (self) {
>         write
>       }
>       elseif (users) {
>         read
>       }
>   }
>   else {
>       no access at all.
>   }
> 
> Can anybody help out here?

Use tcp wrappers or ipchains/iptables

Pierangelo.

-- 
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 |
mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy   |
http://www.aero.polimi.it/~masarati

Follow-Ups:
- Re: ACL: Combining domain and other <who> directives?
  - From: Pierangelo Masarati <masarati@aero.polimi.it>

References:
- ACL: Combining domain and other <who> directives?
  - From: Marian Steinbach <marian@ds.fh-koeln.de>

Prev by Date: Re: Trigger registration with backend database!!!
Next by Date: RE: Trigger registration with backend database!!!
Index(es):
- Chronological
- Thread