[ZendTo] LDAP authentication
Jules
Jules at Zend.To
Wed May 20 13:59:19 BST 2020
I always forget about it too!
And I wrote it :-(
On 20/05/2020 13:48, Ken Etter wrote:
> Thanks Jules! I completely forgot about that feature. That explains it.
>
> Ken
> >>> Jules <Jules at Zend.To> 5/20/2020 4:54 AM >>>
> Ken,
>
> ZendTo actively locks out (for 24 hours) users who have failed too
> many login attempts in a day.
> This protects against hackers using your ZendTo to attempt to find
> passwords by brute force.
> There are 2 ways of seeing who is currently locked out, and to
> manually unlock them immediately:
> 1. The web interface for an Admin user (it's one of the red buttons).
> 2. But if you can't get to that, then run /opt/zendto/bin/unlockuser
> and it will show its command-line usage. You should just be able to run
> sudo /opt/zendto/bin/unlockuser -a
>
> to unlock every temporarily-locked account.
> Hope that helps,
> Jules.
> On 19/05/2020 22:28, Ken Etter via ZendTo wrote:
>> And now it is working again. Since a trace on my ldap server showed I
>> wasn't even getting a query from ZendTo, I decided to see what my
>> firewall was seeing. ZendTo is installed in my DMZ. I log into the
>> firewall and do a couple of logins to ZendTo with other accounts and
>> watch what shows up in the firewall. Then I try my login again and it
>> works and shows up in the firewall as expected. I had changed
>> nothing, I just logged into the firewall to see the activity.
>> Frustrating not knowing why, but things are working again. I assume
>> the firewall between the DMZ and the rest of the network was the
>> issue, but I have no idea how or why since it just started working.
>>
>> My apologies for all the clutter on the mailing list.
>>
>> Ken
>> >>> Ken Etter 5/19/2020 4:48 PM >>>
>> I have other software that also does LDAP authentication and my
>> account works fine there. A trace on my LDAP server shows the login
>> happening as expected. So it is as if ZendTo thinks my account is not
>> an LDAP account and is trying to authenticate elsewhere and failing.
>>
>> Ken
>> >>> Ken Etter 5/19/2020 4:41 PM >>>
>> Doing some more digging into this and not making much progress. I was
>> working on moving ZendTo ldap authentication from port 389 to port
>> 636 (SSL). Something wasn't working right, but now my account is
>> locked out of ZendTo. Doing a trace from my LDAP server shows that I
>> don't even get a request from ZendTo. ZendTo is working for all
>> accounts except mine. Is there anything at all within ZendTo that
>> might give me a clue as to what is going on?
>>
>> *Ken Etter*, System Administrator
>> Architectural Group
>> 260.432.9337|msktd.com <http://msktd.com/>
>>
>> <http://msktd.com/>
>>
>>
>>
>> _______________________________________________
>> ZendTo mailing list
>> ZendTo at zend.to
>> http://jul.es/mailman/listinfo/zendto
>
> Jules
>
> --
> Julian Field MEng CEng CITP MBCS MIEEE MACM
>
> 'Teach a man to reason, and he will think for a lifetime.' - Phil Plait
>
> www.Zend.To
> Twitter: @JulesFM
Jules
--
Julian Field MEng CEng CITP MBCS MIEEE MACM
The current UK shipping forecast:
Shannon, Rockall: South backing southwest 5 to 7, occasionally gale 8 later in
Shannon. Moderate or rough. Rain, showers later. Good, occasionally poor.
www.Zend.To
Twitter: @JulesFM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20200520/1b4d895c/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: IMAGE.png
Type: image/png
Size: 18067 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200520/1b4d895c/attachment-0001.png>
More information about the ZendTo
mailing list