How To Completely Block Queries To ODSEE (Doc ID 2210499.1)

Last updated on JANUARY 11, 2017

Applies to:

Oracle Directory Server Enterprise Edition - Version 11.1.1.7.3 and later
Information in this document applies to any platform.

Goal


To completely block queries to DSEE



What is the best way to block all connections / queries to DSEE service?

ACI ? Is this good?

aci: (target = ldap:///o=org,c=country) (targetscope = subtree) (targetattr="*") (version 3.0; acl "Block All"; deny (all, import, export, proxy) (userdn = "ldap:///anyone") ;)

We basically want to block anyone from querying the LDAP server.

1) Will this block the admin account?

2) We have over 300 other ACI's which have deny / allow to particular accounts, IP, etc.  Will the above rule supersede all the other rules?

3) Also if we want to block everyone but a particular DN , what is the method to do that?

Is there another method for it?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms