[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap security



"Gustavo Rios" <rios.gustavo@gmail.com> writes:

> Dear friends,
>
> i have installed the openldap pakcage (2.2.27). I have just staterd it
> and would like to have a strong security. Since this is my first time
> with i am a little confused.
>
> I would like, for instance:
>
> 0) access requiring non-anonymous identities, must be auhenticated by
> means of gssapi;
> 1) like in a firewall scenario: deny, a priori, everybody access, only
> allowing on a selective basis.
>
> Is that possible to be accomplished?

Yes, see man slapd.access(5), in particular SASL/GSSAPI
authentication.
The FAQ provides plenty of examples.
http://www.openldap.org/faq/data/cache/189.html

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6