[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL troubles


I have some problems to configure my aACL's and hope someone can help me.

I want all my local subnet (A.A.A.x) have entire read acces, It's OK.
I want some IP have acces only to one search : for example, I want that IP1 B.B.B.B can only do this search and that any other search return error :
ldapsearch -x -b "ou=people,ou=compagnie,ou=com" "(ou=DIV1*)" -LLL

I don't find how to configure that.
I've tried :

access to dn.base=""
       by peername.regex="IP=A\.A\.A\..+" read
       by peername.regex="IP=127\.0\.0\.1" read
       by * none

access to dn.sub="ou=people,ou=compagnie,ou=com" filter=(ou=DIV1*) by peername.regex="IP=B\.B\.B\.B" read by * none

but dosn't work, I have an insufficient acces 50 error.

I anyone can help me...

Thanks in advance

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature