How to allow external clients access to galsync data source

[pessoa]

After configuring galsync on a domain, and adding some external contacts there, it is working as expected and described in GAL Sync Account - Zimbra :: Wiki. Users can access the domain entries as well as the external ones. Great improvement, btw!

This new address book (from galsync's datasource) can also be accessed from external clients (android, thunderbird, outlook, ...), however it seems only by using galsync's user credentials, e.g.:

Code:

https://server/home/galsync@domain/_datasource.vcf
carddav /dav/galsync@domain/_datasource/

which means sharing it across the entire domain user base. Galsync's account credentials should only be used by some power user to update the GAL with relevant external addresses. Right?

Eventually, the address book datasource folder can be "Modify Folder Grants" to read on the domain:

Code:

zmprov sm <galsync@domain> mfg /_datasource domain <domain> r

but then external clients (android, thunderbird) don't seems to be able to see it as an address book, even though ZWC can...

Just ran out of ideas here... any help is most welcomed!