ACL for LDAP Server ver 5.1
[205 byte] By [P_P] at [2007-11-26 11:32:32] 
I would like to know if there is way to stop/restrict anonymous binds via IP, if so I need some detailed directions because I am new to The Solaris platform and also the Sun Directory Sever. Thanks.
# 1
yes u can write ACLhellomp at 2007-7-7 3:48:21 >
# 2
You can't prevent the bind operation (without using the Directory Proxy Server), but you can prevent the client from viewing any data once bound.
Add an ACI similar to this to the root entry of the directory tree:
aci: (targetattr="*")(version 3.0;acl "Restrict Anonymous Access";deny(all) ip="192.168.1.1" or ip="192.168.1.2" and authmethod="none";)
This says "for all attributes, deny all permissions (read, write, search, etc.) for binds that come from the specified IP addresses and are not authenticated (i.e., anonymous)".
Check out the Sun ONE Directory Server 5.2 Administration Guide for more info. The ACI formats should be the same between 5.1 and 5.2.
chadklunck at 2007-7-7 3:48:21 >
General New Topic
General Hot Topic
- ftp security
- Problem re-editing ssh_config and sshd_config
- How can we find out the patch insallation history.
- ports 80 and 443
- Root disk encapsulation - VxVM question
- apply a patch which is a diff file
- How to enable the HP DAT72 Tape Drive's hardware compress function?
- Suspend operation failed on Solaris 9
General
All Classified
- Archived Forums
- Enterprise & Remote Computing
- Java Essentials
- Desktop
- Core
- Solaris Operating System
- Security
- Database Connectivity
- Java Mobility Forums
- Web & Directory Servers
- Development Tools
- Application & Integration Servers
- Java HotSpot Virtual Machine
- Other Topics
- E-Mail, Calendar, & Collaboration
- Developer Tools
- General
- Administration Tools
- Sun Hardware
- Storage Forums
- Java Enterprise System
- StarOffice
- Open Source Technologies
- BigAdmin
- Real-Time
- Java Coding