[Date Prev][Date Next]
Re: ldap queries rewriting
Aaron Richton wrote:
Excellent, I thought ACLs were restricted to attributes only, not to
If the copier has a Bind DN option, then something along the lines of...
access to dn.subtree="ou=Engineering,dc=example,dc=com"
by dn.exact="cn=EngineeringCopier,ou=Engineering,dc=example,dc=com" read
access to *
by dn.exact="cn=EngineeringCopier,ou=Engineering,dc=example,dc=com" none
If it doesn't, you could substitute the "dn.exact" with "peername.ip."
Super disgusting, but it'd probably work.
Bind dn option failed because printer doesn't allow to install ca
certificates, nor to do ssl/tls without checking server certificates,
and autentication is only permitted through encrypted connection, so I
had to rely on copier IP.
Moyens Informatiques - INRIA Futurs
Tel: 01 69 35 69 62