FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 06-30-2008, 02:12 PM
Dael Maselli
 
Default Simple Bind only in secured channel

Great! Con you send me additional informations and possibly the code?

It will be very helpful.

Thanks.

Dael Maselli.


Gary Windham wrote:

On Jun 16, 2008, at 8:49 AM, Rich Megginson wrote:


Dael Maselli wrote:

Hi all,

is there any method to deny simple bind operation unless in a secure
channel (SSL or STARTTLS)?
No. This relates to another requested feature, which is the ability
to deny anonymous bind or other anonymous operations. I would like to
get some requirements for such a feature.

* allow simple bind/anonymous operations only over a secure channel?
* allow simple bind/anonymous operations for certain hosts/ip addresses?
* allow only certain anonymous operations, like startTLS and the
password change extop? others?

* other access control features related to the above?

Do I have to write a plug-in? Hints?
Yes, at this point it would have to be a plug-in, most likely a bind
pre-op plug-in.


I have a bind pre-op plugin that meets the first two requirements; I
would be happy to share it with anyone interested.


Thanks,
--Gary

--
Gary Windham
Senior Enterprise Systems Architect
The University of Arizona, UITS
+1 520 626 5981

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users


--
__________________________________________________ _________________

Dael Maselli --- INFN-LNF Computing Service -- +39.06.9403.2214
__________________________________________________ _________________

Democracy is two wolves and a lamb voting on what to have for lunch
__________________________________________________ _________________
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 06-30-2008, 04:15 PM
Gary Windham
 
Default Simple Bind only in secured channel

Sorry...I jumped the gun on this.

I'm working with the University's Office of Technology Transfer to
contribute this code under the terms of The Fedora Project's Corporate
Contributor License Agreement (http://directory.fedoraproject.org/wiki/Corporate_Contributor_License_Agreement
). Hopefully I'll hear back soon. Thanks for the interest.


--Gary

--
Gary Windham
Senior Enterprise Systems Architect
The University of Arizona, UITS
+1 520 626 5981


On Jun 30, 2008, at 7:12 AM, Dael Maselli wrote:



Great! Con you send me additional informations and possibly the code?

It will be very helpful.

Thanks.

Dael Maselli.


Gary Windham wrote:

On Jun 16, 2008, at 8:49 AM, Rich Megginson wrote:

Dael Maselli wrote:

Hi all,

is there any method to deny simple bind operation unless in a
secure

channel (SSL or STARTTLS)?
No. This relates to another requested feature, which is the
ability to deny anonymous bind or other anonymous operations. I
would like to get some requirements for such a feature.

* allow simple bind/anonymous operations only over a secure channel?
* allow simple bind/anonymous operations for certain hosts/ip
addresses?
* allow only certain anonymous operations, like startTLS and the
password change extop? others?

* other access control features related to the above?

Do I have to write a plug-in? Hints?
Yes, at this point it would have to be a plug-in, most likely a
bind pre-op plug-in.
I have a bind pre-op plugin that meets the first two requirements;
I would be happy to share it with anyone interested.

Thanks,
--Gary
--
Gary Windham
Senior Enterprise Systems Architect
The University of Arizona, UITS
+1 520 626 5981
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users


--
__________________________________________________ _________________

Dael Maselli --- INFN-LNF Computing Service -- +39.06.9403.2214
__________________________________________________ _________________

Democracy is two wolves and a lamb voting on what to have for lunch
__________________________________________________ _________________
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users




--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 

Thread Tools




All times are GMT. The time now is 09:07 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org