[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Security between server and client nodes.





On Tue, Nov 29, 2011 at 6:26 PM, Jayavant Patil <jayavant.patil82@gmail.com> wrote:

>>Mon, 28 Nov 2011 11:25:16 +0100 Raffael Sahli <public@raffaelsahli.com> wrote:
>>Hi

>>I think you mean SSL connection or the STARTTLS Layer...?
>>Please read the manual http://www.openldap.org/doc/admin24/tls.html
 >Ok.

>>And tree security:
>>On my server, a client user can only see his own object:
>Are you using simple authentication mechanism?

>>Maybe create a rule like this:
>>access to filter=(objectClass=
>>simpleSecurityObject)
>>      by self read
>>        by * none

>I am not getting what the ACL rule specifies. Any suggestions?

     I have two users ldap_6 and ldap_7. I want to restrict a user to see his own data only.
     In slapd.conf, I specified the rule as follows:
           access to *
              by self write
              by * none

     But ldap_6 can see the ldap_7 user entries (or vice versa) with
      $ldapsearch -x -v -D  "cn=root,dc=abc,dc=com" -b "ou=People,dc=abc,dc=com" "uid=ldap_7"

   Any suggestions?
     

--

Thanks & Regards,

Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.




--

Thanks & Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.