hi Ludwig, On Tue, Jun 28, 2016 at 10:03 AM, Ludwig Krispenz <lkris...@redhat.com> wrote:
> > On 06/28/2016 09:50 AM, Natxo Asenjo wrote: > > > I'd like to have internally all sort of ldap access, but externally onlly > certificate based, for example. > > If there is a way to do that know that I am not aware of I'd be very > interested to know it as well ;-). Right now we solve this problems using > vpn connections with third parties, but ideally one could just open the > port to the internet if only that kind of access was allowed. > > maybe you can achieve this with access control, there are all kind of > rules to allow access based on client's ip address, domain, security > strength, authentication method - and combinations of them. > <https://www.redhat.com/mailman/listinfo/freeipa-users> > Do you mean something like explained here: http://directory.fedoraproject.org/docs/389ds/design/rootdn-access-control.html ? Thanks! -- Groeten, natxo
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project