[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSF and binds

--On Tuesday, September 14, 2004 9:03 AM -0500 "Richard L. Goerwitz III" <richard@Goerwitz.com> wrote:

Is there any way in OpenLDAP 2.2.x to say the following:

   1) binds must occur over sessions with an SSF of at least 63

   2) UNLESS the peer is (in which case a lower SSF is

Have you tried making two clauses to the ACL?

access to <whatever>
	by <DN> ssf=63 read
	by peer= ssf=10 read
	by * break

(Note I'm making that up off the top of my head, so syntax may be off).


Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html