Results 1 to 3 of 3

Thread: Web Login Allowed IP

  1. #1
    GatheredPain is offline Starter Member
    Join Date
    Oct 2012
    Posts
    1
    Rep Power
    2

    Default Web Login Allowed IP

    Hi,

    is there any way to restrict Users/Groups Login to a specified IP? I didn't find anything in the docs nor this Forum.

    I only found the global zimbraWebClientLoginURLAllowedIP Attribute, but this seems not to work. (I tried setting up via zmprof mcf and admin Console, but i'm still able to log in from other IPs)

    THX for your Help!

    (Release 8.0.0.GA.5434.UBUNTU12.64 UBUNTU12_64 FOSS edition.)

  2. #2
    cradke is offline Starter Member
    Join Date
    Aug 2013
    Posts
    1
    Rep Power
    2

    Default

    Does anyone managed to use this?

    Only place where i was able to find anything related to zimbraWebClientLoginURLAllowedIP was a help file for the spnego-settings:

    https://github.com/Zimbra-Community/...ocs/spnego.txt (line 310):
    - Honor only seletced client IP addresses
    zimbraWebClientLoginURLAllowedIP is a multi-valued attribute, values are regex.
    If not set, any client IP address is honored. If multiple values are set, an IP address is honored
    as long as it matches any one of the values. If client IP is not honored, the request
    will not be redirected to zimbraWebClientLoginURL.
    zmprov md {domain} +zimbraWebClientLoginURLAllowedIP '10\.112\.205\.[1-9][0-9]'

    Is this attribute usable to restrict access to specific domains to given client-IPs?

  3. #3
    inqueue is offline Zimbra Employee
    Join Date
    Mar 2006
    Location
    Greenwood, IN
    Posts
    90
    Rep Power
    9

    Default

    Hello,

    zimbraWebClientLoginURLAllowedIP is only used for SPNEGO when the client IP falls within the specified pattern. If the pattern does not match the client IP, then the user is redirected to a standard login page; not what you want.

    I would be interested in knowing the use case for restricting specific users/groups by IP. You could use iptables to restrict access to the web client by network, but it sounds like you are looking for something more.
    --
    Jason Bryan
    Zimbra R&D

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Migrating OSE to OSE via NE, is it allowed by license?
    By troublemaker in forum Migration
    Replies: 4
    Last Post: 05-04-2012, 11:37 PM
  2. Allowed Domain Names
    By unluckyprince in forum Administrators
    Replies: 0
    Last Post: 08-24-2011, 03:07 AM
  3. Allowed Domain Names
    By unluckyprince in forum Installation
    Replies: 0
    Last Post: 08-24-2011, 03:07 AM
  4. ActiveSync not allowed?
    By qabi in forum Zimbra Mobile
    Replies: 3
    Last Post: 09-01-2008, 02:25 AM
  5. $ not allowed in passwords...
    By vdjan in forum Installation
    Replies: 6
    Last Post: 03-27-2007, 02:24 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •