Hi John,
2017-06-20 2:02 GMT+02:00 John Lewis oflameo2@gmail.com:
On Mon, 2017-06-19 at 16:46 +0200, Karsten Heymann wrote:
2017-06-19 15:48 GMT+02:00 Howard Chu hyc@symas.com:
Read the slapd.access(5) manpage, use an ACL specifying sockname=xxx for the local port identifier.
Sorry to hijack this thread, but is there any way to limit which database is reachable on the same port based on the domain the incoming connection is trying to use, like name-based virtual hosting in the Apache web server? I want to make the interfaces as friendly as possible without wasting IPv4 addresses.
Yes, that's a standard ldap feature. You differentiate between different databases on the same server by providing different basedns when connecting.
Example: If you have a ldap server with the databases o=companyA and o=companyB, you can (and in fact have to) specify which database/tree you are searching:
ldapsearch -H ldap://<my ldap server>/ -b o=companyA givenName=Bob
ldapsearch -H ldap://<my ldap server>/ -b o=companyB givenName=Alice
will search for Bobs in the companyA database and for Alices in the companyB database.
Was that your question?
Best regards,
Karsten
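
A slapd.conf fragment for the setup discussed in this thread, added here as an example and not taken from any poster's configuration: two databases on one slapd told apart by suffix, each with a sockname ACL of the kind Howard Chu points to in slapd.access(5). The addresses, ports, directory paths and rootdn values are constructed, and the sockname strings assume the IP=<address>:<port> form slapd uses for TCP listeners.

```conf
# Constructed example; addresses, ports and paths are placeholders.
# slapd is assumed to be started with two listeners on one address:
#   slapd -h "ldap://192.0.2.10:389/ ldap://192.0.2.10:1389/"

# Database 1: selected when the client searches with -b o=companyA
database   mdb
suffix     "o=companyA"
rootdn     "cn=admin,o=companyA"
directory  /var/lib/ldap/companyA
# Only connections accepted on the port 389 listener may read this tree.
# (The rootdn is not subject to ACLs.)
access to *
    by sockname.exact="IP=192.0.2.10:389" read
    by * none

# Database 2: selected when the client searches with -b o=companyB
database   mdb
suffix     "o=companyB"
rootdn     "cn=admin,o=companyB"
directory  /var/lib/ldap/companyB
# Only connections accepted on the port 1389 listener may read this tree.
access to *
    by sockname.exact="IP=192.0.2.10:1389" read
    by * none
```

The base DN alone only selects the database; the per-database ACL is what restricts who can read it. slapd's ACCEPT log line shows the listener name in parentheses, which is the string sockname is compared against.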