[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACLs per host?

To: openldap-software@OpenLDAP.org
Subject: Re: ACLs per host?
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Fri, 24 Jan 2003 23:37:03 +0100
In-reply-to: <200301240815.29559.bfg@noviforum.si> ("Branko F. Gračnar"'s message of "Fri, 24 Jan 2003 08:15:29 +0100")
References: <200301240815.29559.bfg@noviforum.si>
User-agent: Gnus/5.090005 (Oort Gnus v0.05) XEmacs/21.4 (Informed Management, i686-pc-linux)

Hello,

"Branko F. =?utf-8?q?Gra=C4=8Dnar?=" <bfg@noviforum.si> writes:

> Hi there.
>
>
> I am wondering if i can setup ACLs per host/network?
>
> I would like some OU to be readable only from one subnet, writable from other 
> and so on.
>
> Is this possible with openldap?

Yes, by means of incremental access rules i.e.
access to  ou=foo 
       by peername 1.2.3.4 read continue
       by peername 1.2.3.5 +w continue
       by * none stop

see man slapd.access

-Dieter
       
-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com
http://www.schevolution.com/tour

References:
- ACLs per host?
  - From: "Branko F. Gračnar" <bfg@noviforum.si>

Prev by Date: JDBC-LDAP
Next by Date: RE: Problems upgrading from 2.0.x to 2.1.x
Index(es):
- Chronological
- Thread