>> "Paul B. Henson" <henson(a)acm.org> schrieb am
19.11.2020 um 20:28 in Nachricht
<3caa7199-fb23-5cf8-07f5-1bfbac50b8a5(a)acm.org>:
On 11/18/2020 11:05 PM, Ulrich Windl wrote:
>
> I wonder: Would it be possible to use a specific named bind for on-campus
> hosts, and use the name used for binding to controll further access?
Hmm, I'm not completely sure what you mean here? Do you mean an
authenticated bind? Our current IP address access control allows
Yes, authenticated ("named" vs. anonymous) binds.
anonymous users on campus access to attributes that anonymous users
off-campus cannot get to, and it also limits authenticated binds for
non-service accounts to on campus only.
I'm aware that this might require a change like having to use an authenticated bind
for "get more" from LDAP (as opposed to anonymous binds).
Regards,
Ulrich