I attempted to implement the above mentioned condition.What I
did is I created two Project – DICE and IM under ou=People.
As for test, I created two User – Shamim and Shreepath
under IM and I created two Users – Sapna and Vinod under DICE
Now I went to Fedora DS Console and tried setting the below
mentioned ACL on DICE project:
--------------------------------------------------------------------------------------------------------------------------
(targetattr = "*") (target =
"ldap:///ou=DICE,ou=People, dc=im,dc=logica,dc=com") (version 3.0;acl
"Restrcited for IM Hosts";deny (all)(userdn =
"ldap:///uid=Shreepath,ou=IM,ou=People, dc=im,dc=logica,dc=com" or userdn
= "ldap:///uid=shamim,ou=IM,ou=People, dc=im,dc=logica,dc=com") and
(ip="10.14.0.*");)
--------------------------------------------------------------------------------------------------------------------------------
All I am trying not to let specific host and users of
specific projects to access the DICE project.
Am I right in doing that??
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.