Email authentication is the process of identifying a user to the LDAP directory server and granting access to legitimate users based on the user name and password provided when users log in. Zimbra Collaboration Server offers the following three authentication mechanisms:
Internal. The Internal authentication uses the Zimbra directory server for authentication on the domain. When you select Internal, no other configuration is required.
External LDAP. The user name and password are the authentication information supplied in the bind operation to the LDAP directory server. You must configure the LDAP URL, LDAP filter, and whether to use DN password to bind to the external server.
External Active Directory. The user name and password are the authentication information supplied to the Active Directory server. You identify the Active Directory domain name and URL.
An authentication wizard is used to configure the authentication settings on your domain.
The Internal authentication method assumes the Zimbra schema, running on the OpenLDAP directory server. No additional configuration is necessary.
The external LDAP authentication mechanism attempts to bind to the specified directory server using the supplied user name and password. If this bind succeeds, the connection is closed and the password is considered valid. You configure the following external LDAP settings:
LDAP URL and whether to use SSL or StartTLS. Enter the LDAP address. Check either to use SSL or StartTLS.
The default port is 389. If you use SSL, the default port is 636.
You can configure multiple external LDAP hosts.
LDAP filter. The filter defines the search rules used for directory searches and tries to map the user name to one user on the external LDAP. Ensure that the filter you enter matches a single entry; otherwise, an authentication error is returned to the user.
An example of the search filter is (mail=%u@mycompany.com).
LDAP search base. To search within a specific part of your directory, enter a search base. It would be entered as (dc=server, dc=com).
Use DN/Password to bind to external server. If the filter you entered cannot be run using an anonymous bind, then enter the DN/password for a service account on the external LDAP that has been granted access to the attributes required to do the search.
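The search-then-bind flow described above, as an added Python example (not Zimbra's code): it expands %u into the filter with RFC 4515 escaping, requires exactly one match under the search base, and only then checks the password. The in-memory directory, the toy filter matcher and the reading of %u as the login name without its @domain part are assumptions made for the illustration.

```python
import hmac
import re

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Constructed sample directory; "password" stands in for the server-side bind check.
DIRECTORY = {
    "uid=alice,dc=server,dc=com": {"mail": "alice@mycompany.com", "password": "s3cret"},
    "uid=bob,dc=server,dc=com": {"mail": "bob@mycompany.com", "password": "hunter2"},
}

def expand_filter(template, login):
    """Substitute %u (assumed here: the login name without its @domain part)."""
    local_part = login.split("@", 1)[0]
    escaped = "".join(_ESCAPES.get(ch, ch) for ch in local_part)
    return template.replace("%u", escaped)

def _unescape(piece):
    """Turn RFC 4515 \\XX hex escapes back into literal characters."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), piece)

def search(filter_str, base):
    """Toy matcher for one "(attr=value)" filter; an unescaped * is a wildcard."""
    attr, value = filter_str[1:-1].split("=", 1)
    pattern = ".*".join(re.escape(_unescape(p)) for p in value.split("*"))
    return [dn for dn, entry in DIRECTORY.items()
            if dn.endswith(base) and re.fullmatch(pattern, entry.get(attr, ""), re.S)]

def authenticate(login, password, template="(mail=%u@mycompany.com)",
                 base="dc=server,dc=com"):
    if not password:
        # RFC 4513 defines a bind with a DN and an empty password as an
        # unauthenticated bind, which some servers accept; reject it early.
        return False
    matches = search(expand_filter(template, login), base)
    if len(matches) != 1:
        # Zero or several entries: the login cannot be mapped to one user.
        return False
    stored = DIRECTORY[matches[0]]["password"]
    return hmac.compare_digest(stored.encode(), password.encode())  # stand-in for bind
```

A filter that is too broad, such as (mail=*@mycompany.com), matches both sample entries, which is the multiple-match case that produces an authentication error.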
The external Active Directory authentication mechanism attempts to bind to the Active Directory server using the supplied user name and password. You configure the following settings:
Active Directory domain name. The name of the domain for the Active Directory server.
Active Directory LDAP URL and whether to use SSL. Enter the Active Directory LDAP address. The default port is 389. If you use SSL, the default port is 636.
You can configure multiple external Active Directory hosts.
-------------------------------------------------------------------------------------------------------
Copyright @ 2005-2017 Synacor, Inc. All rights reserved. "Zimbra" is a registered trademark of Synacor, Inc.