Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Anonymous Bind to LDAP in Kerio - Anytime Soon?
  •  
innuit12

Messages: 13
Karma: 0
Send a private message to this user
I'd like to query Kerio's LDAP DB through Directory Services in my Eudora client. Unfortunately - it doesn't work.

Kerio's manual states that it doesn't support anonymous lgoins. Looking at the debug output it appears that KerioMail thinks the client is attempting an anonymous bind - even though the client is configured to send login info.

Debug Output Below:
[07/Apr/2004 11:21:07][896] {ldaps} LDAP server session begin; client connected from 10.1.17.21:2104
[07/Apr/2004 11:21:07][896] {ldaps} Anonymous bind from address 10.1.17.21 successful
[07/Apr/2004 11:21:07][896] {ldaps} Search for substring .*d.* in attribute cn
[07/Apr/2004 11:21:36][896] {ldaps} LDAP server session close.


Despite the fact that the output says the anonymous bind was successful it doesn't return any data.


Has anyone been able to make this work with a Eudora client?

If it can't be done - does Kerio plan on correcting anytime soon - or allowing Anonymous Bind for queries?

Thanks
  •  
Jeff Wadlow (Kerio)

Messages: 193
Karma: 6
Send a private message to this user
I think it would have to require authentication or rather it needs the user name. Otherwise how would the mail server know which contact list to check against? There isn't a way to the mail server to know that connections from this IP address should check john<at>mydomain.com instead of mary<at>mydomain.com. And also there is the security issue. Would you want anyone on the Internet to be able to look at the names or email addresses for the users in your domain?
  •  
innuit12

Messages: 13
Karma: 0
Send a private message to this user
What I would like is for this to work as its supposed to.

As I said in my last post - my client is configured with Username and password - but KerioMail interprets it as an anonymous bind.

That said - even an anonymous bind that worked would be better than nothing - especially if you could lock it down to only a certain IP range.

Again - This only happens with a Eudora Client.
I'd be interested in hearing from anyone who's found a workaround for this.

If there is no workaround - I think the Kerio Dev team should try to fix this in the next version.
  •  
jshaw541

Messages: 471
Karma: 0
Send a private message to this user
My half a cent to this discussion is that I know Eudora has a seriously buggy LDAP (and SSL) implementation, and they don't seem very eager to fix their stuff, usually. Can you bind to LDAP via other mail clients? It may just be that Eudora is not going to work.

Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
  •  
innuit12

Messages: 13
Karma: 0
Send a private message to this user
Yes, I can bind to Kerio's LDAP with Outlook and Outlook Express.

It wouldn't surprise me if some of the problem had to do with Eudora's LDAP implementation. However, I can bind to other LDAP directories with Eudora - just not Kerio's. Which leads me to believe that there's something that can be changed on the server side to accommodate Eudora's implementation.

Unfortunately, several years ago our district adopted Eudora as its default email client - and with 9000 users it'd be a huge undertaking to get everyone to switch to another client.

Thanks for your input - much appreciated.
  •  
jshaw541

Messages: 471
Karma: 0
Send a private message to this user
Yeah we had the same situation: K12 district with thousands of Eudora clients. We had to keep ph because there were so many LDAP bugs in Eudora. Then we wanted SSL-encrypted email. Welp, Eudora's SSL implementation was buggy and didn't work with anything OpenSSL-based. We contacted Eudora and got a less than stellar reply, so we're now actively dumping them and using Apple Mail on our Macs.


Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
Previous Topic: Customize the WebMail Page
Next Topic: Unscanned messages stay in queue (etrust antivirus) - WAITING FOR REPLY
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Nov 20 07:06:25 CET 2017

Total time taken to generate the page: 0.00481 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.