[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL for ip-range?

To: Patrick von der Hagen <hagen@ira.uka.de>
Subject: Re: ACL for ip-range?
From: Adam Williams <adam@morrison-ind.com>
Date: Thu, 18 Jul 2002 10:32:42 -0400 (EDT)
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <20020718121924.GA10385@i09pc11.atis.uni-karlsruhe.de>

>we are running a local LDAP-server providing address-information for our
>staff. Since this information should not be public avalialbe, we
>restrict access, currently based on the clients domain.
>Since we run several domains and lots of subdomains, this is a little
>bit messy and we would prefer to allow/deny access based on the clients
>ip. Can this be done using ACL? I haven't found any
>documentation/example regadring this issue.

access to
  attrs=ntpassword
    by self                                                write
    by dn="uid=pdc,ou=System Accounts,dc=Whitemice,dc=Org" write
    by addr=192.168.1.3                                     read
    by by group="cn=CIS Staff,ou=ACL Groups,dc=Whitemice,dc=Org" write
    by * none

Follow-Ups:
- Re: ACL for ip-range?
  - From: Patrick von der Hagen <hagen@ira.uka.de>

References:
- ACL for ip-range?
  - From: Patrick von der Hagen <hagen@ira.uka.de>

Prev by Date: Re: version of openldap server
Next by Date: LDAP entry mtimes?
Index(es):
- Chronological
- Thread