Using iManager
(because I don't see this function in UMC, and Identity Console is not an option in SLD under OES and eDir is not a listed seperate product.)
I have a couple role accounts that keep getting locked from the offsite logins, and it would be really useful to restrict to only allow the local subnet they are needed in, but the field only allows individual IPs, not whole subnets.
It isn't like I can even nail down which server is being touched and by which protocol (CIFS is Not one of them, NCP and LDAP are the only I am aware of)
Inline Documentation (the help available when you try to add an address) says
IP Address
Specify a decimal number from 0 to 255 in each of the four fields. The first two fields represent the network segment. The last two fields represent the computer.
Clearly not understanding networking, and stuck on IPX or the old class B being the only option (we all know better)
Adding all the IPs individually for multiple class C addresses isn't exactly my idea of fun or in the range of sane.
10.0.0.0/21 is what I really want to enter, but that is not an option.
Even 10.0.0.* through 10.0.6.* would be fine, but is not an option.
Generating a big LDIF import is possible, just not the sane route. And what might that break?
I could get Identity Console via other clients, but that misses that big point.
A) it might not even work
B) Should an Open Workgroup Suite have eDir as an entitlement and that is just broken for this client?
Have I just missed the function in UMC?
Other ideas?
________________________
Andy of KonecnyConsulting.ca in Toronto
Please use the "Like" and/or "Verified Answers" as appropriate as that helps us all.