[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Restricting access to certain DNs based on IP address?



On Mon, 20 Dec 2004, Steve Sobol wrote:

> Is it possible to restrict access to specific DNs based on IP address, for
> example "ou=public,dc=company,dc=com" is left open to everyone but
> "ou=private,dc=company,dc=com" is only accessible to people visiting from
> 192.168.2.0/24?

Hi Steve :-)

I haven't tried it, but this would seem to do it:

    access to dn.subtree="ou=private,dc=company,dc=com"
	by peername.ip=192.168.2.0%255.255.255.0 read/write/etc

-- 
Dave Horsfall  DTM  VK2KFU  daveh@ci.com.au  Ph: +61 2 8425-5508 (d) -5500 (sw)
Corinthian Engineering, Level 1, 401 Pacific Hwy, Artarmon, NSW 2064, Australia