[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Access auth granularity?
- To: openldap-technical@openldap.org
- Subject: Access auth granularity?
- From: Dora Paula <deepee@gmx.net>
- Date: Mon, 9 May 2016 09:00:22 +0200
- User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2
Dear List,
I've two subtrees that contain user-accounts:
ou=usersA,dc=example,dc=com and ou=usersB,dc=example,dc=com.
Goal: Users below ou=userA,... should only be allowed to bind using
sasl_bind, but not with simple_bind. Whereas users below ou=usersB,...
should be allowed to bind using both (or any kind of bind).
I searched the documentation but without success. All I found was
disallow simplebind and sasl_ssf, but both seem to make no sense in this
case: While the first disallows simple_binds globally, the combination
of sasl_ssf and access auth is or at least seems contradicting to me.
Question: Is it possible to achieve this goal using current openldap
release?
Thank you very much
Dora