
Different tcp wrapper configuration for ldap and ldaps, possible?


I have run into a bit of a problem: I have a semi-open OpenLDAP server which is currently only responding to ldaps, but I would like to open the server for non-SSL connections from a very limited number of hosts.

However, I am not sure how to configure this with tcp wrappers. As I understand it, OpenLDAP checks the hosts.{allow,deny} files with the name of the OpenLDAP executable and not the name of the actual protocol (correct?), and it is therefore impossible to have a very open hosts.{allow,deny} for ldaps and a very closed one for ldap.

Is there any way that I can make OpenLDAP use the actual protocol for lookups into hosts.{allow,deny} instead of the executable name?
Or do I have to run two different OpenLDAP servers to make this work?

Thanks in advance :)

Bo Gundersen
DBA/Software Developer