[SAC] Requesting access to LDAP

Frank Warmerdam warmerdam at pobox.com
Wed Apr 6 07:08:56 PDT 2016


Sandro,

It looks like this is controlled by iptables and that they are
configured in /etc/init.d/ipfilter on ldap.osgeo.org.  Some related
lines look like:

# OSU OSL
${IPTABLES} -I INPUT -p tcp -s 140.211.15.0/24 --dport 636 -j ACCEPT

So I imagine we can add a new appropriate rule to this file and then
perhaps reboot, or just directly apply the rule.  I'd be more
comfortable if Martin or someone more knowledgable made the change,
but if that doesn't happen I could likely do it too.

Best regards,
Frank


On Wed, Apr 6, 2016 at 5:44 AM, Sandro Santilli <strk at keybit.net> wrote:
> I'm setting up an experimental installation of gogs [1]
> (the Go Git Service) on a local machine and would
> like to try having it use the OSGeo LDAP directory
> for user authentication, for evaluating it as a possible
> offering to the users of the italian OSGeo chapter [2]
>
> My current problem is that ldap.osgeo.org doesn't accept
> incoming ldaps connections from outside the osgeo.org subnet.
> I've tried setting up an ssh tunnel but then TLS requires client
> to access the server using the name associated with the SSL
> certificate and I'm not sure gogs itself is honouring /etc/hosts
> (which was my easy way to do it).
>
> So, could LDAP be set to also accept requests from an IP
> I would provide, or alternatively could I be given access to the
> LDAP server logs so to check if it is receiving the requests
> for further debugging ?
>
> Thanks in advance.
>
> [1] https://gogs.io
> [2] http://gfoss.it
>
> --strk;
> _______________________________________________
> Sac mailing list
> Sac at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/sac



-- 
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam at pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush    | Geospatial Software Developer


More information about the Sac mailing list