[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Resticting search to a specific base dn (limiting to just one result)
Hi!
I'd like to configure access control for my user directory so that only
"exact" searches for one user are allowed, wildcard filters should be
denied.
My idea was to try to configure acls that only allow searches where the
base-dn specified is a full dn identifying a user.
E.g. I'd like to allow searches for
BaseDN: uid=leo,ou=users,dc=abc, Filter: (objectclass=*)
... and disallow searches for
BaseDN: ou=users,dc=abc, Filter: (objectclass=*)
Unfortunately I didn't manage to find a working configuration to achieve
this setup.
Is this kind of access control possible with openldap-2.0.21?
Thanks in advance,
--leo
-----------------------------------------------------------------------
Alexander (Leo) Bergolth leo@leo.wu-wien.ac.at
WU-Wien - Zentrum fuer Informatikdienste http://leo.wu-wien.ac.at
Computers are like air conditioners -
they stop working properly when you open Windows