Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] AW: [FW-1] LDAP Placement in DMZ

To: [email protected]
Subject: Re: [FW-1] AW: [FW-1] LDAP Placement in DMZ
From: Chris Arnold <[email protected]>
Date: Wed, 13 Mar 2002 10:23:29 -0500
Comments: To: "[email protected]" <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

OpenLDAP?  Not sure.  iPlanet has a directory access router which can do
this.  Other vendors have metadirectory products which will _probably_ do it
as well.  I found an open source LDAP to DB (ODBC I think) gateway once.

Chris

-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Wednesday, March 13, 2002 10:20 AM
To: Chris Arnold; [email protected]
Subject: AW: [FW-1] AW: [FW-1] LDAP Placement in DMZ


How do you congfigure an ExTeRnAl (means not on the same host than slapd)
oracel backend db in slapd.conf ?

-----Ursprüngliche Nachricht-----
Von: Chris Arnold [mailto:[email protected]]
Gesendet: Mittwoch, 13. März 2002 16:16
An: 'Mailing list for discussion of Firewall-1';
'[email protected]'
Betreff: RE: [FW-1] AW: [FW-1] LDAP Placement in DMZ


I assumed that database was referring to a separate database server.  As in
"should me LDAP directory server sit on the same subnet as my Oracle DB
server?"  Whatever the case, I still see no issue.

And yes, you can create a replica of an LDAP directory.  You could also have
a situation where the directory will reside on host and another host will be
exclusively a consumer and have no local store.

Chris

-----Original Message-----
From: Joerg Fritsch [mailto:[email protected]]
Sent: Wednesday, March 13, 2002 9:22 AM
To: [email protected]
Subject: [FW-1] AW: [FW-1] LDAP Placement in DMZ


In fact I wonder if he is talking about openLDAP or the iPilanet Directory
server. As far as I know both require the slapd running on the same platform
where the database is located. IsN't It ???

Of course you can do replicas.

--Joerg

-----Ursprüngliche Nachricht-----
Von: Chris Arnold [mailto:[email protected]]
Gesendet: Mittwoch, 13. März 2002 14:24
An: [email protected]
Betreff: Re: [FW-1] LDAP Placement in DMZ


I can not think of one reason why this would be a poor idea.

Chris

-----Original Message-----
From: g M
To: [email protected]
Sent: 3/13/02 7:12 AM
Subject: [FW-1] LDAP Placement in DMZ

Hi All,

I was told at one time that that you should not place your LDAP server
in
the same subnet as your database.....

Does anyone have any info as to where I could find a "Best Practice"
type
doc that would back this statement up???

What would the security implications be if the LDAP server was in the
same
subnet as the database???

Thanks
Greg

_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] ws_ftp_pro and ssl
Next by Date: Re: [FW-1] How to clear the internal hosts count on NG
Previous by thread: [FW-1] AW: [FW-1] LDAP Placement in DMZ
Next by thread: Re: [FW-1] AW: [FW-1] LDAP Placement in DMZ
Index(es):
- Date
- Thread