Hello, I'm attempting to use an IP clause in an ACI attribute to restrict privileges for a particular DN to connections from a particular host. The ACI attribute is successfully added by ldapmodify, but does not work. As a workaround, I had to use a DNS clause instead, but this is not desirable from either a performance or a security perspective.
The access log shows the connection coming from the expected IPv4 address, but when I enabled the appropriate debugging level I found that the server was complaining about an IPv6 address. It looks like the server is getting an address in the v4-in-v6 format and since the ACLs do not support IPv6, the particular ACL fails. Unfortunately, I seem to be at a loss to force the system to return IPv4 addresses. Any suggestions? The system is running RHEL 6 with 389 DS 1.2.10.4. /etc/modprobe.d/ipv6.conf has already been configured to disable IPv6 support. Thanks -- Iain Morgan -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
