Le 30/07/2012 16:45, Aaron Richton a écrit :
On Fri, 27 Jul 2012, Joel Eidsath wrote:
> Hello, I'm trying to use our corporate openldap server for
> authentication to an application server (Github Enterprise) that does
> not support any "memberof" filters for allowed users.
> As a workaround, I am looking into a translucent proxy server that
> would only return a subset of users. Github Enterprise would only
> "see" a few hundred users instead of thousands. Is this doable? Is
> there a better solution?
You may use ACLs, if you have a filtering critera. For
exclude users without a telephone number attribute:
access to dn.children="ou=users,dc=domain,dc=com"
by anonymous peername.ip=w.x.y.z none
by dn.exact="cn=github,ou=roles,dc=domain,dc=com" none
by * break
BOFH excuse #79:
Look, buddy: Windows 3.1 IS A General Protection Fault.