[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Remote Access

To: Pierangelo Masarati <ando@sys-net.it>
Subject: Re: Remote Access
From: "Gregory P. Ennis" <PoMec@PoMec.Net>
Date: Sun, 20 May 2007 17:54:11 -0500
Cc: openldap-software@openldap.org
In-reply-to: <4650CCE7.7030906@sys-net.it>
References: <1179695698.14860.86.camel@DevB.EcCare.com> <4650CCE7.7030906@sys-net.it>

On Mon, 2007-05-21 at 00:34 +0200, Pierangelo Masarati wrote:
> Gregory P. Ennis wrote:
> > I am installing openldap for the first time and having some difficulties
> > getting it working on remote networks.  I have been able to have it work
> > perfectly inside a network, but unable to get two other networks
> > communicating properly.  This is surely an newbie question, but I have
> > not been able to find the problem.
> > 
> > I am running a fedora core 5 system with iptables opened for port 389, I
> > have selinux set to permissive, I have the firewall opened to every port
> > on the specified remote ip addresses.  (replaced with "##.##.##.##"
> > below.
> 
> have a look at tcpwrappers (/etc/hosts.allow & /etc/hosts.deny).  Note
> that building slapd with TCP wrappers support is not recommended, as IPs
> can be (easily?) spoofed.
> 
> p.
> 
> 
> 
> Ing. Pierangelo Masarati
> OpenLDAP Core Team

Pierangelo,

Thanks for your help.  I have host.allow letting everything in on the
two other networks I am trying to connect to the ldap server.  I already
have iptables controlling access and really do not need hosts.allow.  I
have never tried to turn hosts.allow off... guess renaming the file or
deleting it would do.  However I don't think this is a problem with
hosts.allow in that I am getting log information that demonstrates
connection "DENIED" from ldap.  Do you have other suggestions?

Greg

References:
- Remote Access
  - From: "Gregory P. Ennis" <PoMec@PoMec.Net>
- Re: Remote Access
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: Remote Access
Next by Date: ACL redundancy
Index(es):
- Chronological
- Thread