[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Regarding access control

To: Aaron Richton <richton@nbcs.rutgers.edu>
Subject: Re: Regarding access control
From: Nisha P Kurur <nisha@lantana.tenet.res.in>
Date: Wed, 12 Jul 2006 18:48:29 +0530 (IST)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <Pine.SOC.4.64.0607120853590.9291@toolbox.rutgers.edu>
Lantana-x-mailscanner: Mail-scanner Found to be clean
Lantana-x-mailscanner-from: nisha@lantana.tenet.res.in
Lantana-x-mailscanner-information: Please contact the ISP for more information
References: <Pine.LNX.4.60.0607121136220.17616@lantana.tenet.res.in> <Pine.SOC.4.64.0607120853590.9291@toolbox.rutgers.edu>

Thanks for you comments.. I'll definitely upgrade the software and check it out.


Thanks & Regards
Nisha

-----------------------------------
Nisha P Kurur
DON Lab (BSB 328)
Dept. of CSE
IITM, Chennai - 36
Phone (044) 2257 5364/9804/9853
----------------------------------

On Wed, 12 Jul 2006, Aaron Richton wrote:

I'm using openldap-2.0.27-8 (which comes along with RedHat 9). I'm trying to
You're using historic software with known bugs; that's a big mistake if you care about data integrity and reliability. You'd be well advised to look into the latest OpenLDAP version.

access to * by peername=10.6.21.* write
To get what it appears you desire, you likely want <style> of regex. See
http://www.openldap.org/lists/openldap-software/200401/msg00170.html
for example.
If you follow the advice of upgrading to the latest OpenLDAP version, you can use
"peername.ip=10.6.21.0%255.255.255.0"
which likely will result in performance improvements (no need to run the regex engine on everything). This is (a very small) one of the hundreds of enhancements available since 2.0.

References:
- Regarding access control
  - From: Nisha P Kurur <nisha@lantana.tenet.res.in>
- Re: Regarding access control
  - From: Aaron Richton <richton@nbcs.rutgers.edu>

Prev by Date: Re: Regarding access control
Next by Date: ACLs with ip control
Index(es):
- Chronological
- Thread