On Nov 19, 2007, at 10:48 AM, Aaron Richton wrote:
Only way to stop rootdn is to stop it from getting in in the first place: tcp wrappers/iptables/etc. Which of course do a lot more than rootdn, though...
On Mon, 19 Nov 2007, Aleksander Adamowski wrote:
Hi!
Knowing that rootdn always bypasses ACLs, is there any other way to restrict BIND operations that use rootdn to certain source IP addresses for clients?
--
I'm new and stupid, but why not just put an admin account in ldap and ditch the rootdn?