This is what i got in access logs. <br><br><br><blockquote style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote">[25/Sep/2012:14:04:36 -0400] conn=497 fd=75 slot=75 connection from 10.101.100.236 to 10.10.52.10<br>
[25/Sep/2012:14:04:36 -0400] conn=497 op=0 BIND dn="cn=Directory Manager" method=128 version=3<br>[25/Sep/2012:14:04:36 -0400] conn=497 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager"<br>
[25/Sep/2012:14:04:36 -0400] conn=497 op=1 SRCH base="dc=example,dc=com" scope=2 filter="(&(uid=test4)(objectClass=person))" attrs="1.1"<br>[25/Sep/2012:14:04:36 -0400] conn=497 op=1 RESULT err=0 tag=101 nentries=1 etime=0<br>
[25/Sep/2012:14:04:36 -0400] conn=498 fd=76 slot=76 connection from 10.101.100.236 to 10.10.52.10<br>[25/Sep/2012:14:04:36 -0400] conn=497 op=2 UNBIND<br>[25/Sep/2012:14:04:36 -0400] conn=497 op=2 fd=75 closed - U1<br>[25/Sep/2012:14:04:36 -0400] conn=498 op=0 BIND dn="uid=test4,ou=People,dc=example,dc=com" method=128 version=3<br>
[25/Sep/2012:14:04:36 -0400] conn=498 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=test4,ou=people,dc=example,dc=com"<br>[25/Sep/2012:14:04:36 -0400] conn=498 op=1 UNBIND<br></blockquote><br><br><br><br><br>
<div class="gmail_quote">On Tue, Sep 25, 2012 at 1:46 PM, Grzegorz Dwornicki <span dir="ltr"><<a href="mailto:gd1100@gmail.com" target="_blank">gd1100@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<p>Can you provide logs from FDS when you are trying to login via application?</p>
<p>Greg.</p>
<div class="gmail_quote">25 wrz 2012 19:27, "Satish Patel" <<a href="mailto:satish.txt@gmail.com" target="_blank">satish.txt@gmail.com</a>> napisał(a):<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div class="h5">
Hello ALL,<br><br>I have a web base application and user authenticate web application using Directory Service (FDS). I want to restrict some user to not allow to login so i have implement host base deny ACL. But somehow it doesn't works. may be i am missing something. following acl i have.<br>
<br><blockquote style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote"> (targetattr = "*") (version 3.0;acl "Host ACL";deny (all)(userdn = "ldap:///uid=test,ou=People,dc=example,dc=com") and (ip="10.101.100.236");)<br>
</blockquote><div><br>But interesting thing is, it works with ldapsearch but not with Web application? <br><br>~S <br></div>
<br></div></div><span class="HOEnZb"><font color="#888888">--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org" target="_blank">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br></font></span></blockquote></div>
<br>--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br></blockquote></div><br>