Red Hat Directory Server 8.0 Administrator's Guide
The bind rule is evaluated to be true if the client accessing the directory is located in the named
domain. This can be useful for allowing access only from a specific domain. Wildcards will not
work if your system uses a naming service other than DNS. In such a case, if you want to
restrict access to a particular domain, use the ip keyword, as described in Section 4.6,
“Defining Access from a Specific IP Address”.
4.8. Defining Access at a Specific Time of Day or Day of Week
You can use bind rules to specify that binding can only occur at a certain time of day or on a
certain day of the week. For example, you can set a rule that allows access only if it is between
the hours of 8 a.m. and 5 p.m. Monday through Friday. The time used to evaluate access rights
is the time on the Directory Server, not the time on the client.
The LDIF syntax for setting a bind rule based on the time of day is as follows:
timeofday operator time
operator can be one of the following symbols:
equal to (=)
not equal to (!=)
greater than (>)
greater than or equal to (>=)
less than (<)
less than or equal to (<=)
The timeofday keyword requires a time of day expressed in hours and minutes in the 24 hour
clock (0 to 2359).
NOTE
The time on the Directory Server is used for the evaluation, not the time on the
client.
The LDIF syntax for setting a bind rule based on the day in the week is as follows:
dayofweek = "day1, day2 ...
The possible values for the dayofweek keyword are the English three-letter abbreviations for the
days of the week: sun, mon, tue, wed, thu, fri, sat.
4.8.1. Examples
The following are examples of the timeofday and dayofweek syntax:
Chapter 6. Managing Access Control
198