Configuring an application to accept logins only from specified users using an LDAP ACL

First, create an account for each application (every application has a bind DN and a bind password that it uses to connect to the LDAP server).

For example, we have created a user for zabbix as follows:

cn=zabbix,ou=Applications,dc=prime,dc=ds,dc=netspective,dc=com

Then, for each user that needs to log in to the application, add the objectClass "netspectiveSimpleAccessControl" and set the attribute allowedService to "cn=zabbix,ou=Applications,dc=prime,dc=ds,dc=netspective,dc=com".

You can refer to Adding Custom Attribute in LDAP.

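Now, on the LDAP server, we modify the ACL to restrict the access rights of these application DNs to users that have the specified allowedService. The rule below does this for a gitlab application account; its "by * break" clause hands every other identity on to the rules that follow it.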

olcAccess: {4}to dn.subtree="ou=People,dc=prime,dc=ds,dc=netspective,dc=com" filter="(allowedService=cn=gitlab,ou=Applications,dc=prime,dc=ds,dc=netspective,dc=com)" by dn.exact="cn=gitlab,ou=Applications,dc=prime,dc=ds,dc=netspective,dc=com" read by * break

You can refer to Modifying Access Control List.
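As an added illustration (not code from the original article or from OpenLDAP), the Python sketch below models how slapd walks olcAccess rules for the gitlab rule above, and shows why a broader read rule placed after it would still expose users who lack the matching allowedService. It assumes the filter value is the application's own DN, handles only dn.subtree targets, one equality filter and dn.exact or * in "by" clauses, and uses constructed entries (alice, bob) and a hypothetical later rule.

```python
# Simplified model of slapd ACL evaluation; added example, not OpenLDAP code.
# Handles only dn.subtree targets, one equality filter, dn.exact or "*" in "by".
BASE = "dc=prime,dc=ds,dc=netspective,dc=com"
PEOPLE = "ou=People," + BASE
GITLAB = "cn=gitlab,ou=Applications," + BASE
ZABBIX = "cn=zabbix,ou=Applications," + BASE

def norm(dn):
    """Crude DN normalisation: lower-case, no spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def in_subtree(dn, base):
    return norm(dn) == norm(base) or norm(dn).endswith("," + norm(base))

def access(rules, bind_dn, entry):
    """Access level the model settles on when bind_dn reads entry."""
    for subtree, flt, by_clauses in rules:
        if not in_subtree(entry["dn"], subtree):
            continue
        if flt and norm(flt[1]) not in [norm(v) for v in entry.get(flt[0], [])]:
            continue  # target filter does not match, so this rule is skipped
        for who, level, control in by_clauses:
            if who == "*" or norm(who) == norm(bind_dn):
                if control == "break":
                    break  # fall through to the next rule
                return level  # default control is "stop"
        else:
            return "none"  # no "by" clause matched: implicit "by * none"
    return "none"  # no rule granted anything: implicit "to * by * none"

def readable(rules, bind_dn, entries):
    return [e["dn"] for e in entries if access(rules, bind_dn, e) == "read"]

# The rule from the article; filter value assumed to be the application's DN.
PAGE_RULE = (PEOPLE, ("allowedService", GITLAB),
             [(GITLAB, "read", "stop"), ("*", "none", "break")])
# Hypothetical broader rule placed later in the list: to * by * read
LOOSE_RULE = (BASE, None, [("*", "read", "stop")])

# Constructed sample entries.
alice = {"dn": "uid=alice," + PEOPLE, "allowedService": [GITLAB]}
bob = {"dn": "uid=bob," + PEOPLE, "allowedService": [ZABBIX]}

if __name__ == "__main__":
    print(readable([PAGE_RULE], GITLAB, [alice, bob]))              # alice only
    print(readable([PAGE_RULE, LOOSE_RULE], GITLAB, [alice, bob]))  # alice and bob
```

In the second call the gitlab account can read bob even though bob carries only the zabbix allowedService, so the rules that follow this one need the same review as the rule itself.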