In an external application I need to get some data from the Zimbra-LDAP directory (user accounts with email adresses, groups, phone numbers etc.).

So my first try was to create a simple Zimbra-Account just for that use. But when I connect to this account via LDAP, I don't get all LDAP Attributes, e.g. field "description" is not set.

I also tried the LDAP admin user (uid=zimbra,cn=admins,cn=zimbra), which worked fine, but I don't want to use an account with write access to the LDAP directory.

So: How can I create an LDAP user with read-only access to all attributes?