On 11/29/2011 01:56 PM, Jayavant Patil wrote:

>Mon, 28 Nov 2011 11:25:16 +0100 Raffael Sahli <public@raffaelsahli.com> wrote:
>Hi

>I think you mean SSL connection or the STARTTLS Layer...?
>Please read the manual http://www.openldap.org/doc/admin24/tls.html
Ok.

>And tree security:
>On my server, a client user can only see his own object:
Are you using the simple authentication mechanism?

Both simple and/or SASL with GSSAPI

>Maybe create a rule like this:
>access to filter=(objectClass=simpleSecurityObject)
>      by self read
>      by * none

I am not getting what the ACL rule specifies. Any suggestions?
Just an idea: this rule allows an authenticated user to access only his own object.
He can't see other simpleSecurityObject Objects.... or whatever


But for your subject; the best setup is using TLS.....


--

Thanks & Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.



-- 
Raffael Sahli
public@raffaelsahli.com
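
Added example, not part of either poster's message and not OpenLDAP code: a simplified Python model of how slapd evaluates the ACL rule quoted in the thread (first matching `access to` clause, then first matching `by` clause, with an implicit `by * none`). The entries, DNs and the extra `userPassword` rule are constructed assumptions for illustration.

```python
# Simplified model of slapd ACL evaluation (added example, not OpenLDAP code).
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

# Constructed sample directory: two simpleSecurityObject entries and one OU.
ENTRIES = {
    "cn=alice,dc=example,dc=com": ["simpleSecurityObject"],
    "cn=bob,dc=example,dc=com": ["simpleSecurityObject"],
    "ou=people,dc=example,dc=com": ["organizationalUnit"],
}

def is_sso(dn, attr):       # access to filter=(objectClass=simpleSecurityObject)
    return "simpleSecurityObject" in ENTRIES[dn]

def is_password(dn, attr):  # access to attrs=userPassword
    return attr == "userPassword"

def who_matches(who, bound_dn, target_dn):
    if who == "*":
        return True
    if who == "anonymous":
        return bound_dn is None
    if who == "users":
        return bound_dn is not None
    if who == "self":
        return bound_dn is not None and bound_dn == target_dn
    raise ValueError(f"unsupported <who>: {who}")

def access(acl, bound_dn, target_dn, attr):
    """Level granted to bound_dn (None = anonymous) on target_dn's attr."""
    for what, by_clauses in acl:
        if what(target_dn, attr):            # first matching <what> wins
            for who, level in by_clauses:
                if who_matches(who, bound_dn, target_dn):
                    return level             # first matching <who> wins
            return "none"                    # implicit trailing "by * none"
    return "none"                            # implicit "access to * by * none"

def allowed(acl, bound_dn, target_dn, attr, needed):
    return LEVELS.index(access(acl, bound_dn, target_dn, attr)) >= LEVELS.index(needed)

# The rule exactly as quoted in the thread.
THREAD_RULE = [(is_sso, [("self", "read"), ("*", "none")])]
# Assumption added here: an earlier userPassword rule so simple binds can verify.
WITH_AUTH = [(is_password, [("self", "write"), ("anonymous", "auth"), ("*", "none")])] + THREAD_RULE

if __name__ == "__main__":
    alice, bob = "cn=alice,dc=example,dc=com", "cn=bob,dc=example,dc=com"
    for name, acl in (("thread rule", THREAD_RULE), ("with auth rule", WITH_AUTH)):
        print(name, access(acl, alice, alice, "cn"), access(acl, alice, bob, "cn"),
              access(acl, None, alice, "userPassword"))
```

With only the quoted rule, anonymous gets `none` on `userPassword`, and slapd needs `auth` access there to check a simple bind, which is why the model places a `userPassword` rule ahead of it.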