From: Gavin Henry <ghenry@suretecsystems.com>
To: Daniel Pérez del Campo <dpercam@hotmail.com>
CC: openldap-software@openldap.org
Subject: Re: ACL to bind groups from a IP
Date: Fri, 05 Oct 2007 16:03:48 +0100
Daniel Pérez del Campo wrote:
Hi!
First of all, sorry for my english.
I will try to be clear.
I have a LDAP server running perfectly. I have this in it:
ou=users,dc=tel,dc=uva,dc=es
ou=groups,dc=tel,dc=uva,dc=es
cn=alumnos,ou=groups,dc=tel,dc=uva,dc=es
objectClass: posixGroup
gidnumber: 10
cn=profesores,ou=groups,dc=tel,dc=uva,dc=es
objectClass: posixGroup
gidnumber: 11
Now, I would like to autheticate users who belong to "profesores" , from
IP=111.111.111.111.
On the other hand, I would like to autheticate users who belongs to
"alumnos", from IP=222.222.222.222.
And at last, the same, but with both groups, and from IP=333.333.333.333.
And in all the cases, the autheticated users could change their password.
I have looked the manual, but I only obtain that all the users( o nodoby)
bind from a specific IP, but I don't know with groups of users.
Does anybody can help me??
man slapd.access
Check for dn.regex, groups and peername.ip
and
http://www.openldap.org/faq/data/cache/189.html
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/