Re: allowing anonymous binds from a specific machine
It seems my searching of the archives was insufficiently thorough. I needed to
use peername="IP=..." instead of peername="IP:...". It dawned on me that this
might be the case after seeing "IP=..." in the local4.debug messages. Did the
colon notation work at one time? Is the '*' optional?
John Dalbec wrote:
> I have a group of 3 machines with a single LDAP server. I needed to restrict
> access from outside but allow anonymous binds from within the group. I had
> success with
> access to *
> by * peername = "IP:127\.0\.0\.1" read
> by * peername = "IP:xxx\.yyy\.zzz\.aa" read
> The "*" before peername is required!
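
The difference between the two notations, and a side effect of leaving the pattern unanchored, shown as an added example that is not part of either message. It assumes peername strings of the form "IP=<address>:<port>" and an unanchored, case-insensitive regex match (approximated here with Python's re module); the 192.0.2.x and 198.51.100.x addresses are constructed.

```python
import re

# Constructed peername strings in the "IP=<addr>:<port>" form; the port suffix
# is an assumption about how slapd reports the client, not taken from the post.
SAMPLE_PEERS = [
    "IP=127.0.0.1:51234",
    "IP=192.0.2.1:40000",
    "IP=192.0.2.10:40001",   # different host that shares a textual prefix
    "IP=192.0.2.199:40002",  # another one
    "IP=198.51.100.7:40003",
]

COLON_FORM = r"IP:127\.0\.0\.1"   # notation from the quoted message
EQUALS_FORM = r"IP=127\.0\.0\.1"  # notation from the reply
LOOSE = r"IP=192\.0\.2\.1"        # constructed address, same unanchored style


def matches(pattern, peername):
    """Unanchored, case-insensitive search, approximating a regex ACL match."""
    return re.search(pattern, peername, re.IGNORECASE) is not None


def allowed_peers(pattern, peers=SAMPLE_PEERS):
    """Return the sample peers that a 'by * peername=<pattern>' clause would match."""
    return [p for p in peers if matches(pattern, p)]


def anchored(ip):
    """Build a pattern that matches exactly one IPv4 address with any port."""
    return r"^IP=" + re.escape(ip) + r":[0-9]+$"


if __name__ == "__main__":
    for pat in (COLON_FORM, EQUALS_FORM, LOOSE, anchored("192.0.2.1")):
        print(f"{pat!r:32} -> {allowed_peers(pat)}")
```

Under these assumptions the unanchored pattern for 192.0.2.1 also admits 192.0.2.10 and 192.0.2.199, so anchoring the address is the safer form when the rule is meant to admit a single machine.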