UKUUG Spring 2009 Conference

24-26 March 2009 in London

Conference Home

Information for Delegates

Call for Papers

Booking

Bursaries

Tutorial

Conference Programme

Speaker Slides

Timetable

Social

Dinner

Sponsors

Travel

Venue

Accommodation

Contact Details

Writing Access Control Policies for LDAP

Abstract

Access Control systems vary from one LDAP server to the next. All of them can implement simple policies, but it may be necessary to design the DIT around the access control requirements. In more complex cases it is essential to choose a server with a very flexible access control language. There are a number of pitfalls in ACL design, some of which cannot be covered by many of the commonly-used server products.

This paper suggests an approach to designing and testing access control rules. It includes worked examples to illustrate some common use-cases.

Speaker biography

Andrew Findlay is an independent consultant specialising in Directory Services, data synchronisation, and e-mail systems. He has worked with X.500 and LDAP since 1988, and has designed directory schema for a number of large organisations.

Andrew holds BSc and PhD degrees in Cybernetics from the University of Reading and is an active member of both the IET and the UKUUG.

Slides

The slies from this presentation are available in the following formats:

• PDF (slides)
• PDF (full paper)