[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL for root to update from certain ips



At 02:42 PM 3/15/00 +0800, syw wrote: 
> I 'm trying to compose an ACL so that the root ldap can only modify the ldap
> from certain ips only. Is there anyway top do this?
> From what i tested, it seems that once i gave a root dn and password, any ACLS
> will not be applicable anymore.

The rootdn is immune to ACLs.  If you want to limit management
by ACL, create a manager entry with appropriate access limits
(including addr=<regex> conditions) and then unset both the
rootdn/rootpw.