Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Ldap

  1. #1
    Join Date
    Nov 2005
    Posts
    2
    Rep Power
    10

    Default Ldap

    On OpenSource M2 I am trying to access LDAP with a windows client and am using uid=zimbra,cn=admins,cn=zimbra as the User DN but i have no clue as to what to use as the password. Please Help.

  2. #2
    Join Date
    Nov 2005
    Posts
    2
    Rep Power
    10

    Talking figured it out

    thx

  3. #3
    Join Date
    Dec 2005
    Posts
    74
    Rep Power
    10

    Default how to manage Zimbra LDAP?

    After zimbra installed, how to access its LDAP using third party tool? What're the accounts installed with zimbra, and their passwords?

  4. #4
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default ldap

    zmlocalconfig -s | grep ldap will show the DN and password

  5. #5
    Join Date
    Dec 2005
    Posts
    74
    Rep Power
    10

    Default Zimbra LDAP anonymous login

    I noticed that the zimbra LDAP anonymous login is on by default.

    What's the reason?

    How to turn it off in slapd.conf?

  6. #6
    Join Date
    Jan 2006
    Posts
    15
    Rep Power
    9

    Default

    I've noticed that the ldap server does not require authentication also. So if it were open on the internet, anybody could connect with an ldap client and view your GAL. Is there a way to require authenticatiion for accessing the the zimbra ldap server?

  7. #7
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    We've tighten this down in the GA release. In general you don't want your LDAP server on the internet. It's just not a good idea to open it up like that. There should be a way to set a password for LDAP GAL access. Might want to look at the Open LDAP docs.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  8. #8
    Join Date
    Mar 2006
    Posts
    41
    Rep Power
    9

    Default

    Quote Originally Posted by KevinH
    We've tighten this down in the GA release. In general you don't want your LDAP server on the internet. It's just not a good idea to open it up like that. There should be a way to set a password for LDAP GAL access. Might want to look at the Open LDAP docs.
    That is excellent. I was about to start a thread on the fact that the LDAP server is completely open, meaning that our friendly spammers can now read and confirm every one of our address very easily, not counting customers stealing data, and of course the fact that we would be breaking all Australia Privacy laws by providing an open access list.

    I have installed the latest Debian Package (as of March 2006) 3.0.1 - and it is still open. I have been reading the OpenLDAP docs and found the obvious line to insert is disallow bind_simple_unprotected - but it does not work. Perhaps slapd on Zimbra is not using the /opt/zimbra/openldap/etc/openldap/slapd.conf file.

    Regarding the above - I have noticed a number of conf files where it is hard to figure out which is valid - there is a few duplicates, some in the etc/conf dir and some in the etc/conf dir of the actual application.

    Can you help with the LDAP config to secure the lookups.

    Thanks

    Scott

  9. #9
    Join Date
    Mar 2006
    Posts
    41
    Rep Power
    9

    Default

    Quote Originally Posted by scottp
    Zimbra is not using the /opt/zimbra/openldap/etc/openldap/slapd.conf file.
    Ahhh this was in fact the case. However, if I add the

    disallow bind_simple_unprotected

    Line to the configuration, then Zimbra will no longer startup, I assume that the local system does not login/bind.

    So I need to be able to disallow external, but allow local IP connections.

    Scott

  10. #10
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    11

    Default

    So I need to be able to disallow external, but allow local IP connections
    is the server not behind a firewall?

Similar Threads

  1. LDAP Replication Experiences
    By technikolor in forum Administrators
    Replies: 4
    Last Post: 11-12-2008, 12:52 AM
  2. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 07:45 AM
  3. External LDAP Problem
    By facerw in forum Installation
    Replies: 7
    Last Post: 05-08-2007, 05:29 AM
  4. Mac OSX install: Java errors & LDAP CA error
    By jefbear in forum Installation
    Replies: 9
    Last Post: 12-16-2006, 03:39 PM
  5. Replies: 4
    Last Post: 11-15-2006, 12:16 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •