[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Stumped on ACL

To: Timothy H Folks <Timothy.Folks@edgescape.com>
Subject: Re: Stumped on ACL
From: Ian Logan <ian@NMSU.Edu>
Date: Wed, 5 Mar 2003 08:59:55 -0700
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <OFBF1F5447.BE828D22-ON86256CE0.0020B5F0-86256CE0.00210C03@edgescape.com>
References: <OFBF1F5447.BE828D22-ON86256CE0.0020B5F0-86256CE0.00210C03@edgescape.com>
User-agent: Mutt/1.4i

You probably want to use the peername clause. Took a look at slapd.access(5)
for the details.


On Wed, Mar 05, 2003 at 12:00:57AM -0600, Timothy H Folks wrote:
> Hello, everyone.
> 
> I start with a basic access control policy like this:
> 
> access to filter=(objectClass=inetOrgPerson)
>     by dn="uid=admin1,dc=example,dc=com" write
>     by dn="uid=admin2,dc=example,dc=com" read
> 
> 
> So far so good. Now is where I start to get lost. I want to allow access 
> from ldapi and then from ldap: in two different ways: without requiring 
> encryption on 127.0.0.1 and requiring StartTLS on the external IP's, Is 
> there a way to do this? I appreciate your help in advance.
> 
> Tim 

-- 
Ian Logan
Information and Communication Technologies
New Mexico State University
Email: ian@nmsu.edu Phone: 505-646-6034 Fax: 505-646-4560

Follow-Ups:
- Re: Stumped on ACL
  - From: Timothy H Folks <Timothy.Folks@edgescape.com>

References:
- Stumped on ACL
  - From: Timothy H Folks <Timothy.Folks@edgescape.com>

Prev by Date: Re: Mozilla & OpenLDAP
Next by Date: Re: Newbie question:How to stop OL?
Index(es):
- Chronological
- Thread