[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACLs per host?


"Branko F. =?utf-8?q?Gra=C4=8Dnar?=" <bfg@noviforum.si> writes:

> Hi there.
> I am wondering if i can setup ACLs per host/network?
> I would like some OU to be readable only from one subnet, writable from other 
> and so on.
> Is this possible with openldap?

Yes, by means of incremental access rules i.e.
access to  ou=foo 
       by peername read continue
       by peername +w continue
       by * none stop

see man slapd.access

Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com