[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap security

To: openldap-software@OpenLDAP.org
Subject: Re: openldap security
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Wed, 19 Jul 2006 22:48:24 +0200
In-reply-to: <ad30fc090607191159k7623bfc7j6139d61ae881fbd9@mail.gmail.com> (Gustavo Rios's message of "Wed, 19 Jul 2006 15:59:30 -0300")
References: <ad30fc090607191159k7623bfc7j6139d61ae881fbd9@mail.gmail.com>
User-agent: Gnus/5.1006 (Gnus v5.10.6) XEmacs/21.5 (chestnut, linux)

"Gustavo Rios" <rios.gustavo@gmail.com> writes:

> Dear friends,
>
> i have installed the openldap pakcage (2.2.27). I have just staterd it
> and would like to have a strong security. Since this is my first time
> with i am a little confused.
>
> I would like, for instance:
>
> 0) access requiring non-anonymous identities, must be auhenticated by
> means of gssapi;
> 1) like in a firewall scenario: deny, a priori, everybody access, only
> allowing on a selective basis.
>
> Is that possible to be accomplished?

Yes, see man slapd.access(5), in particular SASL/GSSAPI
authentication.
The FAQ provides plenty of examples.
http://www.openldap.org/faq/data/cache/189.html

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6

References:
- openldap security
  - From: "Gustavo Rios" <rios.gustavo@gmail.com>

Prev by Date: Re: slapcat output from 2.0.21 to slapadd to openldap-2.3.24
Next by Date: Re: openldap security
Index(es):
- Chronological
- Thread