Defining Access Based On Authentication Method - Red Hat DIRECTORY SERVER 7.1 - ADMINISTRATOR Administrator's Manual

The bind rule is evaluated to be true if the client is accessing the directory at
any time after 8 a.m.
timeofday < "1800";
The bind rule is evaluated to be true if the client is accessing the directory at
any time before 6 p.m.
timeofday >= "0800";
The bind rule is evaluated to be true if the client is accessing the directory at 8
a.m. or later.
timeofday <= "1800";
The bind rule is evaluated to be true if the client is accessing the directory at 6
p.m. or earlier.
dayofweek = "Sun, Mon, Tue";
The bind rule is evaluated to be true if the client is accessing the directory on
Sunday, Monday, or Tuesday.

Defining Access Based on Authentication Method

You can set bind rules that state that a client must bind to the directory using a
specific authentication method. The authentication methods available are:
• None — Authentication is not required. This is the default. It represents
anonymous access.
• Simple — The client must provide a user name and password to bind to the
directory.
• SSL — The client must bind to the directory over a Secure Sockets Layer (SSL)
or Transport Layer Security (TLS) connection.
In the case of SSL, the connection is established to the LDAPS second port; in
the case of TLS, the connection is established through a Start TLS operation. In
both cases, a certificate must be provided. For information on setting up SSL,
see chapter 11, "Managing SSL and SASL."
• SASL — The client must bind to the directory over a Simple Authentication
and Security Layer (SASL) connection. Directory Server supports three SASL
mechanisms: EXTERNAL, DIGEST-MD5, and GSS-API for Kerberos systems.
For information on setting up SASL, see chapter 11, "Managing SSL and
SASL."
Chapter 6 Managing Access Control
Bind Rules
235