[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL for ip-range?



>we are running a local LDAP-server providing address-information for our
>staff. Since this information should not be public avalialbe, we
>restrict access, currently based on the clients domain.
>Since we run several domains and lots of subdomains, this is a little
>bit messy and we would prefer to allow/deny access based on the clients
>ip. Can this be done using ACL? I haven't found any
>documentation/example regadring this issue.

access to
  attrs=ntpassword
    by self                                                write
    by dn="uid=pdc,ou=System Accounts,dc=Whitemice,dc=Org" write
    by addr=192.168.1.3                                     read
    by by group="cn=CIS Staff,ou=ACL Groups,dc=Whitemice,dc=Org" write
    by * none