Thread: iPhone 3.0 contacts LDAP
View Single Post
  #8 (permalink)  
Old 09-21-2009, 01:00 PM
ewilen ewilen is offline
Moderator
  
Posts: 1,405
Default
Last I checked, you can access the LDAP directory without a password, and it appears to send info over a non-secure channel.

This bugzilla entry suggests you can use TLS but may not really be relevant: Bug 16601 – Secure Access To LDAP

This possibly-related bug is still open: Bug 13832 – run zimbra ldap over ssl

This seems to be the "really important" bug for purposes of this topic: Bug 15378 – Obviate the need for and disallow LDAP anonymous binds

And note that this seems to be fixed as of GnR.

Also see this discussion: Disable Anonymous LDAP Browse
__________________
Elliot Wilen
Berkeley, CA

Don't forget to enter your Zimbra version in your forum profile.
Reply With Quote