Displaying 2 results from an estimated 2 matches for "slapd_sentinel_fil".
Did you mean:
slapd_sentinel_file
2024 Dec 13
0
RODC in DMZ
...uot;<DN-TO-WITH-READ-ACCESS>"
>> ??? by users read
>> ??? by * none
>>
>> /etc/default/slapd:
>>
>> SLAPD_USER="openldap"
>> SLAPD_GROUP="openldap"
>> SLAPD_PIDFILE=
>> SLAPD_SERVICES="ldaps:///"
>> SLAPD_SENTINEL_FILE=/etc/ldap/noslapd
>> SLAPD_OPTIONS=""
>>
>> I am using this for LDAP queries from my DMZ. It needs just one open
>> port (tcp/636) and limits ldap-queries to permissions setup in
>> slapd.conf (read on dn-subtree). That prevents unwanted open ports
>&g...
2024 Dec 13
1
RODC in DMZ
Der Rowland,
We share that concerns actually and of course if there is a way to avoid
it, it is always better. Another fellow suggested us an LDAP-Proxy
instead (personally have never setup one). What we actually need in our
case scenario, is only that service and not the rest of bells and
whistles of an RODC.
I just was wondering if someone had experience with what happens if one
does