[Date Prev][Date Next] [Chronological] [Thread] [Top]

How-to secure PosixAccount attr ?



server openldap 2.2.17, with sasl auth (krb5)

access to dn.regex="^([^,]*,)?ou=[^,]+,(dc=[^,]+(,dc=[^,]+)*)$"
        attrs=posixAccount
        by anonymous auth
        by users     read
        by self      read

The prob is that if I use id user1 for examples, the BIND="" unless I harcode it on in ldap.conf.

How can I secure those info ?

Is there a way to pass the current DN on the user ?

thanks !