[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACLs per host?



Hello,

"Branko F. =?utf-8?q?Gra=C4=8Dnar?=" <bfg@noviforum.si> writes:

> Hi there.
>
>
> I am wondering if i can setup ACLs per host/network?
>
> I would like some OU to be readable only from one subnet, writable from other 
> and so on.
>
> Is this possible with openldap?

Yes, by means of incremental access rules i.e.
access to  ou=foo 
       by peername 1.2.3.4 read continue
       by peername 1.2.3.5 +w continue
       by * none stop

see man slapd.access

-Dieter
       
-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com
http://www.schevolution.com/tour