2015-02-25 10:13 GMT+01:00 Lionel Caignec <[email protected]>:
> Hi,
>
> I'm stuck on a little problem.
>
> I want to restrict bind with the "manager" account to localhost only, but I did 
> not manage to do it.
>
> I've tried something like that (found on ldap forum):
> 1) access to dn.base="cn=Manager,dc=domain,dc=tld"
>     by peername.ip="127.0.0.1" auth
>     by users none
>     by anonymous none
>
> 2) Delete "rootdn" and "rootpw" in the slapd.conf file, but I use 
> replication. So slapd refuses to start if rootdn/rootpw are not defined.
>
>
> So my question: is it possible to do it? If yes, what is the best approach?
>
>
> Thank you for helping me.
>


Hi Lionel,

As this is a pure OpenLDAP question, you should ask it on the OpenLDAP
technical mailing list.

To answer you, it is not possible to restrict the rights of the rootDn.
RootDn is mandatory and has full access to the database.



Clément.
_______________________________________________
ltb-users mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-users
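
Since slapd does not apply access controls to the rootdn, a defensive complement is to watch the slapd log for rootdn binds that arrive from a non-local peer. The following is an added example, not part of the original thread: it assumes slapd logs with `loglevel stats`, uses the DN from the question's ACL, and runs over constructed sample lines; the function names are hypothetical.

```python
import re

# Assumption: rootdn taken from the ACL in the question; set it to your own.
ROOTDN = "cn=Manager,dc=domain,dc=tld"
LOCAL = {"127.0.0.1", "::1"}
ACCEPT = re.compile(r"conn=(\d+) fd=\d+ ACCEPT from (\S+) ")
BIND = re.compile(r'conn=(\d+) op=\d+ BIND dn="([^"]*)" method=\d+')
CLOSED = re.compile(r"conn=(\d+) fd=\d+ closed")

def norm_dn(dn):
    """Loose DN normalisation: lower-case, no spaces around commas."""
    return re.sub(r"\s*,\s*", ",", dn.strip().lower())

def peer_host(peer):
    """'IP=192.0.2.15:51000' -> '192.0.2.15'; ldapi 'PATH=...' -> 'local'."""
    if peer is None:
        return "unknown"          # ACCEPT line not seen (e.g. rotated log)
    if not peer.startswith("IP="):
        return "local"            # Unix socket (ldapi://)
    return peer[3:].rsplit(":", 1)[0].strip("[]")

def remote_rootdn_binds(lines, rootdn=ROOTDN):
    """Return (conn, host) for each rootdn bind from a non-local peer."""
    peers, hits, want = {}, [], norm_dn(rootdn)
    for line in lines:
        if m := ACCEPT.search(line):
            peers[m.group(1)] = m.group(2)
        elif m := BIND.search(line):
            host = peer_host(peers.get(m.group(1)))
            if norm_dn(m.group(2)) == want and host not in LOCAL | {"local"}:
                hits.append((m.group(1), host))
        elif m := CLOSED.search(line):
            peers.pop(m.group(1), None)   # conn ids can be reused after restart
    return hits

# Constructed sample lines in the format slapd writes with "loglevel stats".
SAMPLE = [
    'slapd[911]: conn=1000 fd=12 ACCEPT from IP=127.0.0.1:40000 (IP=0.0.0.0:389)',
    'slapd[911]: conn=1000 op=0 BIND dn="cn=Manager,dc=domain,dc=tld" method=128',
    'slapd[911]: conn=1001 fd=12 ACCEPT from IP=192.0.2.15:51000 (IP=0.0.0.0:389)',
    'slapd[911]: conn=1001 op=0 BIND dn="cn=manager, dc=domain,dc=tld" method=128',
    'slapd[911]: conn=1002 fd=13 ACCEPT from PATH=/var/run/ldapi (PATH=/var/run/ldapi)',
    'slapd[911]: conn=1002 op=0 BIND dn="cn=Manager,dc=domain,dc=tld" method=128',
    'slapd[911]: conn=1003 fd=14 ACCEPT from IP=192.0.2.20:51001 (IP=0.0.0.0:389)',
    'slapd[911]: conn=1003 op=0 BIND dn="uid=alice,dc=domain,dc=tld" method=128',
]

if __name__ == "__main__":
    for conn, host in remote_rootdn_binds(SAMPLE):
        print(f"rootdn bind from non-local peer {host} on conn={conn}")
```

A bind whose ACCEPT line is missing is reported with host `unknown` rather than silently treated as local.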
