Zimbra GAL Search

**uxbod** · 09-01-2010, 01:28 AM

Must have sleepy eyes this morning but cannot get a normal user to be able to query the Zimbra GAL. I have disabled anonymous binds with zmldapanon -d but when I execute

Code:

ldapsearch -x -H ldap://zimbra.domain.com:389 -D uid=user,ou=people,dc=domain,dc=com -W -b "ou=people,dc=domain,dc=com" mail=*

I am prompted for the password but when I enter it I get INVALID CREDENTIALS

**uxbod** · 09-01-2010, 03:42 AM

I have tried adding to slapd.conf

Code:

access to userPassword
    by anonymous auth
    by * none

and then restarting LDAP with

Code:

ldap stop ; ldap start

and I still receive the error even though the password is correct.

**uxbod** · 09-02-2010, 04:57 AM

Support case 00058201 opened.

**uxbod** · 09-02-2010, 08:45 AM

Well, finally I worked it out ... If you are using an external LDAP for Zimbra authentication things like ldapsearch against the Zimbra LDAP will not work

This is due to the Z-LDAP instance looking at the local Zimbra password and not following the chain to the external source

Hopefully the Zimbra resident LDAP guru will think of a way to handle this

**liverpoolfcfan** · 09-02-2010, 04:20 PM

Hey - I think you just figured out something that stumped me for 2 days recently. Now, if only I could remember what I was trying to do when I ran into this roadblock

**Hivos** · 09-06-2010, 04:12 AM

Not really a solution, but perhaps a temporary workaround: it does seem to work for Admin accounts. Of course a temporary zmldapanon -e would also do the trick...

**warmbowski** · 11-20-2010, 02:11 PM

Is this a bug or normal behavior, or is it a misconfiguration?

I have run into this situation after my process of migrating from 6.0.8 32bit to 6.0.8 64bit following this procedure. And that 32bit install was allowing anonymous external ldap connections, so I wouldn't have noticed this situation before the migration. Now none of my mail clients will search to the GAL via LDAP either anonymously OR when authenticating a user who is not a local user (my admin user works).

Another symptom that I have is that I cannot run the zmldapanon script to either enable or disable anonymous ldap access. It fails with the error Bind: Invalid credentials.

Are you guys having this problem with migrated 32-64 bit systems?

Zimbra

Thread: Zimbra GAL Search

LinkBack

Thread Tools

Search Thread

Display

Zimbra GAL Search

Thread Information

Users Browsing this Thread

Similar Threads

Why is Zimbra so buggy?

postfix relay=none status=bounced for local mails

[SOLVED] Zimbra logwatch.

How to install Zimbra Debian 3.1 binaries on Debian Etch 4.0 [Workaround]

dspam logrotate errors

Posting Permissions