[Date Prev][Date Next] [Chronological] [Thread] [Top]

write an acl with sets and compare connecting peername.ip with ipHost entry (ipHostNumber)

To: openldap-technical@openldap.org <openldap-technical@openldap.org>
Subject: write an acl with sets and compare connecting peername.ip with ipHost entry (ipHostNumber)
From: Uwe Werler <uwe.werler@retiolum.eu>
Date: Wed, 15 Aug 2012 10:43:55 +0200

Hallo all,

is it possible to write an ACL (with sets) which extracts the peername.ip from within an existing entry of ipHost an then compares the connecting peername.ip?

My idea is to only allow access to this entry by connecting peername.ip 192.168.1.1:

dn: cn=myhost.wdf.sap.corp,ou=HOSTS
objectClass: ipHost
objectClass: device
cn: myhost.wdf.sap.corp
ipHostNumber: 192.168.1.1

Background: I want to use ovleray nssov and therefore I need all host information at each host locally in ldap. 'cause we have several thousands of hosts I dont want to replicate all ipHosts to each local database.

Thanks for any advice/hint.

Regards Uwe

Prev by Date: Re: pass-through authentication and base64
Next by Date: acls
Index(es):
- Chronological
- Thread