Hello,
I am wondering what is the simplest way to restrict admin access
(both via cyradm and directly via IMAP) to just connections from
certain specified hosts. As an example, how can I prevent the admin
user ("cyradmin", say) authenticating successfully if they are not
connecting from a certain host ("xx.xx.xx.xx", say)?
We currently use PAM for authenticating users using LDAP
I have tried using the pam_access PAM module but have not had
any success with it. However, given that we are being advised to
move away from PAM and instead use SASL-patched-for-LDAP, I
was wondering if such host-based restrictions for certain users can
be achieved within SASL (or the associated
pwcheck_sasl_with_ldap type programs being touted at the
moment)?
For information: I am using Cyrus IMAP 2.0.12; SASL 1.5.24;
RedHat 7.1.
Thanks,
Nick.
--
Nicholas Blackaby, ISD, UMIST.
[EMAIL PROTECTED], 0161 200 3208
