
Re: Remote Access



On Mon, 2007-05-21 at 00:34 +0200, Pierangelo Masarati wrote:
> Gregory P. Ennis wrote:
> > I am installing openldap for the first time and having some difficulties
> > getting it working on remote networks.  I have been able to have it work
> > perfectly inside a network, but unable to get two other networks
> > communicating properly.  This is surely a newbie question, but I have
> > not been able to find the problem.
> > 
> > I am running a Fedora Core 5 system with iptables opened for port 389, I
> > have selinux set to permissive, I have the firewall opened to every port
> > on the specified remote ip addresses.  (replaced with "##.##.##.##"
> > below.)
> 
> have a look at tcpwrappers (/etc/hosts.allow & /etc/hosts.deny).  Note
> that building slapd with TCP wrappers support is not recommended, as IPs
> can be (easily?) spoofed.
> 
> p.
> 
> 
> 
> Ing. Pierangelo Masarati
> OpenLDAP Core Team

Pierangelo,

Thanks for your help.  I have hosts.allow letting everything in on the
two other networks I am trying to connect to the ldap server.  I already
have iptables controlling access and really do not need hosts.allow.  I
have never tried to turn hosts.allow off... guess renaming the file or
deleting it would do.  However I don't think this is a problem with
hosts.allow in that I am getting log information that demonstrates
connection "DENIED" from ldap.  Do you have other suggestions?

Greg