[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: restrict rootdn binds by connection source IP address?




On Nov 19, 2007, at 10:48 AM, Aaron Richton wrote:

Only way to stop rootdn is to stop it from getting in in the first place: tcp wrappers/iptables/etc. Which of course do a lot more than rootdn, though...

On Mon, 19 Nov 2007, Aleksander Adamowski wrote:

Hi!

Knowing that rootdn always bypasses ACLs, is there any other way to restrict BIND operations that use rootdn to certain source IP addresses for clients?

--


I'm new and stupid, but why not just put an admin account in ldap and ditch the rootdn?