Re: restrict rootdn binds by connection source IP address?

On Nov 19, 2007, at 10:48 AM, Aaron Richton wrote:

Only way to stop rootdn is to stop it from getting in in the first place: tcp wrappers/iptables/etc. Which of course do a lot more than rootdn, though...

On Mon, 19 Nov 2007, Aleksander Adamowski wrote:


Knowing that rootdn always bypasses ACLs, is there any other way to restrict BIND operations that use rootdn to certain source IP addresses for clients?


I'm new and stupid, but why not just put an admin account in LDAP and ditch the rootdn?
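
The admin-account approach raised in the last message, sketched as an added example that is not part of the original thread or of any poster's configuration: because a regular entry is subject to ACLs, its binds can be limited by source address with the `peername.ip` clause. The suffix, the `cn=admin` DN and the address 192.0.2.10 are constructed placeholders.

```conf
# slapd.conf fragment (constructed example; all DNs and addresses are placeholders)

# Before: rootdn with a password. ACLs are never evaluated for this identity,
# so slapd itself cannot limit where its binds come from.
#rootdn  "cn=Manager,dc=example,dc=com"
#rootpw  {SSHA}placeholder

# After: no rootdn/rootpw in this database. Administration uses the regular
# entry cn=admin,dc=example,dc=com, which the rules below do apply to.

# 1. The admin entry's password can be used for a bind only when the
#    connection comes from 192.0.2.10. From any other address the bind
#    fails even with the correct password.
access to dn.base="cn=admin,dc=example,dc=com" attrs=userPassword
    by anonymous peername.ip=192.0.2.10 auth
    by self peername.ip=192.0.2.10 write
    by * none

# 2. Passwords of all other entries: normal binds from anywhere, changes by
#    the owner, or by the admin when connected from the allowed address.
access to attrs=userPassword
    by dn.exact="cn=admin,dc=example,dc=com" peername.ip=192.0.2.10 write
    by anonymous auth
    by self write
    by * none

# 3. Everything else: the admin may write only from the allowed address;
#    all other clients get read access.
access to *
    by dn.exact="cn=admin,dc=example,dc=com" peername.ip=192.0.2.10 write
    by * read
```

`peername.ip` matches the TCP peer address as slapd sees it, so a proxy or NAT device in front of the server changes what is matched.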