[Freeipa-users] multiple ds instances (maybe off-topic)
Natxo Asenjo
natxo.asenjo at gmail.com
Tue Jun 28 08:33:04 UTC 2016
hi Ludwig,
On Tue, Jun 28, 2016 at 10:03 AM, Ludwig Krispenz <lkrispen at redhat.com>
wrote:
>
> On 06/28/2016 09:50 AM, Natxo Asenjo wrote:
>
>
> I'd like to have internally all sort of ldap access, but externally onlly
> certificate based, for example.
>
> If there is a way to do that know that I am not aware of I'd be very
> interested to know it as well ;-). Right now we solve this problems using
> vpn connections with third parties, but ideally one could just open the
> port to the internet if only that kind of access was allowed.
>
> maybe you can achieve this with access control, there are all kind of
> rules to allow access based on client's ip address, domain, security
> strength, authentication method - and combinations of them.
> <https://www.redhat.com/mailman/listinfo/freeipa-users>
>
Do you mean something like explained here:
http://directory.fedoraproject.org/docs/389ds/design/rootdn-access-control.html
?
Thanks!
--
Groeten,
natxo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160628/f4456cde/attachment.htm>
More information about the Freeipa-users
mailing list