On Nov 10, 2010, at 3:50 , Howard Chu wrote:
Christian Bösch wrote:
Hi
Can someone tell me if it's possible to require strong encryption like TLS except from one IP address?
Not exactly. The "require" directive doesn't have that level of granularity, but you can use ACLs to restrict access. In that case, a user would be able to connect without TLS, but wouldn't be able to access anything.
but then user credentials are sent plain.... i don't want to allow plain simple binds at all except from several ips. if i got you right, this is not possible?
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/