On 06/28/2016 10:33 AM, Natxo Asenjo wrote:
On Tue, Jun 28, 2016 at 10:03 AM, Ludwig Krispenz <lkris...@redhat.com
On 06/28/2016 09:50 AM, Natxo Asenjo wrote:
I'd like to have internally all sort of ldap access, but
externally onlly certificate based, for example.
If there is a way to do that know that I am not aware of I'd be
very interested to know it as well ;-). Right now we solve this
problems using vpn connections with third parties, but ideally
one could just open the port to the internet if only that kind of
access was allowed.
maybe you can achieve this with access control, there are all kind
of rules to allow access based on client's ip address, domain,
security strength, authentication method - and combinations of them.
Do you mean something like explained here:
I was thinking of something like this (and the other bind rules):
the link you sent is about restraing access of directory manager, which
is not subject to normal acis
Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project