Hi Emmanuel, What I want is effectively the peername restriction in openldap acl. Is it worth me raising an improvement JIRA for this?
Do you think it is something that could be done with a custom interceptor? Is this detail available? Peter Jamieson Consultant Software Engineer Customer Experience Management Solutions 50 Park Road | Gatley, Cheshire, SK8 4HZ O +44 (0)161 495 1186 E [email protected] W www.ConvergysTechnologies.com -----Original Message----- From: Emmanuel Lécharny [mailto:[email protected]] Sent: 18 March 2016 08:57 To: [email protected] Subject: Re: acl in apacheDS Le 18/03/16 09:23, Peter Jamieson a écrit : > Hi, > > I googled for ACLs in apacheds and got this link: - > > https://directory.apache.org/api/user-guide/5.1-aci-and-acls.html > > I was very excited until I saw the content :) Sorry for that... It really need some love :/ > > Is there a way I can prevent modifications to the directory from all servers > except the local one (or a named address)? Not really. Protection are based on bound users, not on IP address or server's name. Now, if you have the DN of the servers you want to forbid modification from, then it's possible. ________________________________ NOTICE: The information contained in this electronic mail transmission is intended by Convergys Corporation for the use of the named individual or entity to which it is directed and may contain information that is privileged or otherwise confidential. If you have received this electronic mail transmission in error, please delete it from your system without copying or forwarding it, and notify the sender of the error by reply email or by telephone (collect), so that the sender's address records can be corrected.
