[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Blocking users

Thank you Kurt.
I will try it.


On 8/14/06, Kurt D. Zeilenga <Kurt@openldap.org> wrote:
At 12:08 AM 8/14/2006, Marcelo Moulin wrote:
> I am using openldap.  How do I configure slapd(8) so that a
> user whose entry contains a 'statusFlag' attribute with
> value 1 (defined in one new schema) will be blocked from
>authenticating to the directory?

Well, you can block the user from authenticating.  For
using LDAP simple bind, just restrict the 'auth' access to
userPassword.  For instance, using something like:
        access to attr=userPassword filter=(statusFlag=1)
                by self write
        access to attr=userPassword
                by self write
                by anonymous auth
see slap.access(1).