[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL by IP

blair christensen writes:

On Sat, Apr 13, 2002 at 12:10:42PM -0600, Quinn Perkins wrote:
I am trying to allow access to my OpenLDAP 2.0.23 from another server without having to bind (long story...problems with binding with PHP after installing SASL).

I've tried to do it with this type of ACL entry:

access to *
 by addr="" write
 by * read

Change to:

access to *
by peername='^ip=11\.22\.33\.44" write
by * read

I'd rather use an optimization:

access to *
by peername.exact='ip=" write
by * read

Dr. Pierangelo Masarati | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale | fax: +39 02 2399 8334
Politecnico di Milano | mailto:pierangelo.masarati@polimi.it
via La Masa 34, 20156 Milano, Italy | http://www.aero.polimi.it/~masarati