[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL question - Is this sensible?

To: openldap-software@OpenLDAP.org
Subject: ACL question - Is this sensible?
From: Duncan Brannen <dbb@st-andrews.ac.uk>
Date: Wed, 23 Aug 2006 15:21:28 +0100
User-agent: Thunderbird 1.5.0.5 (Windows/20060719)

I want to ensure any connections to our ldap server from outside our domain are encrypted.

I've tried this by adding the following to my acls (All other access is the same)

access to *
       by peername.ip=138.251.0.0%255.255.0.0 none break
       by ssf=128 none break
       by * none


Is this a sensible solution?  It seems like a bit of a hack to me.


Cheers,
         Duncan

Prev by Date: Re: Dynamic schema update
Next by Date: Where is Openldap 2.2 changelog
Index(es):
- Chronological
- Thread