Results 1 to 3 of 3

Thread: GAL Access Password?

  1. #1
    blaze is offline Senior Member
    Join Date
    Oct 2007
    Posts
    67
    Rep Power
    7

    Default GAL Access Password?

    Hi guys,

    Just a question about something I have not been able to find up to now. When you open the LDAP port to allow GAL lookups in Thunderbird, you do not need to type in a username and the LDAP is running on a non-secure port. Is there an easy way to change these settings on the server so that users can access the port 636 (LDAPS) and are required to enter a password to do GAL lookups?

    Many thanks,
    Gary

  2. #2
    dwmtractor's Avatar
    dwmtractor is offline Moderator
    Join Date
    Jul 2007
    Location
    San Jose, CA
    Posts
    1,027
    Rep Power
    10

    Default

    This is an identified issue. See this thread.
    Restricting LDAP permissions

    It's been registered as a bug, and you can add your vote or comments on bugzilla:
    Bug 15378 - Obviate the need for and disallow LDAP anonymous binds

    See also
    Bug 16601 - Secure Access To LDAP

    In other words, you're not the only one with this concern, and it will be addressed but is not fixed at this time.

    In the meantime, is your concern having public access from the outside world, or also securing the GAL within your own network? If the former, firewalling the server and not permitting port 389 access except from the LAN will provide some level of security; then outside users would have to log into a VPN (or simply use the web client--ssl only--from outside) before accessing their mail. May not be ideal from your architecture but it will certainly work from a security perspective.

    Cheers,

    Dan

  3. #3
    blaze is offline Senior Member
    Join Date
    Oct 2007
    Posts
    67
    Rep Power
    7

    Default

    Hi Dan,

    Many thanks for your response. I shall vote on the bug and notify our client of the current status.

    Best regards,
    Gary

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. GAL Access in 53
    By tmichotte in forum General Questions
    Replies: 0
    Last Post: 10-09-2007, 02:02 PM
  2. Access to Password from Zimlet
    By gaugat in forum Zimlets
    Replies: 0
    Last Post: 10-04-2007, 07:46 AM
  3. Limiting access to GAL and Calendar
    By addihetja in forum Users
    Replies: 1
    Last Post: 05-02-2007, 02:55 PM
  4. Replies: 5
    Last Post: 03-01-2007, 03:20 AM
  5. FC4 Test install getting SU: Incorrect Password
    By bbepristis in forum Installation
    Replies: 16
    Last Post: 08-11-2006, 10:07 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •