Is it possible to control the size limit based on the ip address?
man slapd.conf
*limits* <*who*> <*limit*> *[*<*limit*> *[...]]
*The argument *who* can be any of
anonymous | users | [dn[.<style>]=]<pattern> | group[/oc[/at]]=<pattern>
Which doesn't look like the 'who' can be an ip address, but I just want to confirm that is the case (since the 'who' in slapd.access support peername.ip and I'm hoping that that the underlying code for both 'who's is the same :)
Basically we have software running on a host that is unable to authenticate (due to 3rd party software) and we need to increase the size limits for queries coming from it, without increasing that limit for all anonymous binds.
Are there alternative ways of doing this? Possibly setting up a server with back-ldap running, only allowing access from the specific ip address and letting the back-ldap server bind to real servers as an authorized account?
Or is there a way to map ip address to an identity that can be used in the limits control.
We're running 2.3.24.
thanks,
Patrick