Re: Limiting host access

[Buchan Milne <bgmilne@staff.telkomsa.net>]

On Tuesday, 22 November 2011 13:35:22 Jayavant Patil wrote:

>   I got the desired solution. Thanks Buchan !!!
> 
>   My next query is as follows:
> 
>   Suppose we have 1000 hosts and we want to give 'user1' access to 999
> hosts (with 1 restricted host). Then, in such case, we need to specify all
> 999 permitted host names in .ldif file.
> 
>   There are wildcards like '*' stands for all hosts and '!' stands for
> excluding host.
>   e.g.
> 
>   1. host: *
>     will allow access to all client nodes.
> 
>   2. host: !n1000
>     will not allow access to n1000 client node.
> 
>   In the above mentioned scenario, when I specify the following it doesn't
> work:
> 
>   host: *
>   host: !n1000
> 
>   It will allow access to all 1000 hosts.

What is the output of 'hostname' for the host you have indicated here as 
'n1000' ?

Also, have you tested the case of only allowing access to this host, using:

host: n1000

(and no other host entries)

> 
>   when I specify the following:
> 
>   host: *,!n1000
> 

I don't think this is correct.

>    It is restricting access to all 1000 hosts.
> 
> 
> Does anybody know how to use these wildcards(*,!) to get the desired
> solution?

>From my brief look at the source, the first example you have in (2) above 
should work, assuming the hostname you have used is correct.

Regards,
Buchan