<html><head>
<meta name="Generator" content="Novell Groupwise Client (Version 18.2.1 Build: 135777)">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head>
<body style="font: 10pt/normal Segoe UI; font-size-adjust: none; font-stretch: normal;"><div class="GroupWiseMessageBody" id="GroupWiseSection_1589991464000_KLE@msktd.com_1FEF159614D20000B1ED8700B3004500_"><div>Jules,</div><div>Is there anything special required to get LDAP working with SSL? I tried setting 'authLDAPUseSSL' to true, rebooted and logins fail. I then tried adding the port number (after a colon) to the address in 'authLDAPServers' and rebooted and logins still fail. If I use an ldap browser to connect, it works although it does complain about the certificate. Do I need to import the certificate for ZendTo to be able to connect? If so, do you have any directions for this?</div><div><br>Thanks!</div><div>Ken<br></div>
<div class="GroupWiseMessageBody" id="GroupWiseSection_1589979559000_Jules@Zend.To"><span class="GroupwiseReplyHeader">>>> Jules <Jules@Zend.To> 5/20/2020 8:59 AM >>><br></span><div>
I always forget about it too!<div><br></div><div>
And I wrote it :-(</div><div>
</div>
<div class="moz-cite-prefix">On 20/05/2020 13:48, Ken Etter wrote:<br>
</div>
<blockquote cite="mid:WM!ca4469d817e4470a73e4853ab5f6d7340d84c4fe9446705708728955bd673400dfb859b1863fa69f97972e336ef8d230!@mx.jul.es" type="cite">
<meta name="Generator" content="Novell Groupwise Client (Version
18.2.1 Build: 135777)">
<div class="GroupWiseMessageBody" id="GroupWiseSection_1589978827000_KLE@msktd.com_1FEF159614D20000B1ED8700B3004500_">
<div>Thanks Jules! I completely forgot about that feature.
That explains it.</div>
<div><br>
</div>
<div>Ken<br>
</div>
<div class="GroupWiseMessageBody" id="GroupWiseSection_1589964896000_Jules@Zend.To"><span class="GroupwiseReplyHeader">>>> Jules
<a class="moz-txt-link-rfc2396E" href="mailto:Jules@Zend.To"><Jules@Zend.To></a> 5/20/2020 4:54 AM >>><br>
</span>
<div> Ken,
<div><br>
</div>
<div> </div>
<div> ZendTo actively locks out (for 24 hours) users who
have failed too many login attempts in a day.</div>
<div> This protects against hackers using your ZendTo to
attempt to find passwords by brute force.</div>
<div> </div>
<div> There are 2 ways of seeing who is currently locked
out, and to manually unlock them immediately:</div>
<div> 1. The web interface for an Admin user (it's one of
the red buttons).</div>
<div> 2. But if you can't get to that, then run
/opt/zendto/bin/unlockuser and it will show its
command-line usage. You should just be able to run</div>
<tt> sudo /opt/zendto/bin/unlockuser -a</tt>
<div><br>
</div>
<div> to unlock every temporarily-locked account.</div>
<div> </div>
<div> Hope that helps,</div>
<div> Jules.</div>
<div> </div>
<div class="moz-cite-prefix">On 19/05/2020 22:28, Ken Etter
via ZendTo wrote:<br>
</div>
<blockquote cite="mid:WM!8f8e5b8d4c23527c2eb3958915c6518cb1fcc1baaac338cccdb8ab8ca53040a5a670830ab713e0e1a0fdf5aa4e178fd9!@mx.jul.es" type="cite">
<meta name="Generator" content="Novell Groupwise Client
(Version 18.2.1 Build: 135777)">
<div class="GroupWiseMessageBody" id="GroupWiseSection_1589921280000_KLE">
<div>And now it is working again. Since a trace on my
ldap server showed I wasn't even getting a query from
ZendTo, I decided to see what my firewall was seeing.
ZendTo is installed in my DMZ. I log into the firewall
and do a couple of logins to ZendTo with other
accounts and watch what shows up in the firewall. Then
I try my login again and it works and shows up in the
firewall as expected. I had changed nothing, I just
logged into the firewall to see the activity.
Frustrating not knowing why, but things are working
again. I assume the firewall between the DMZ and the
rest of the network was the issue, but I have no idea
how or why since it just started working.</div>
<div><br>
</div>
<div>My apologies for all the clutter on the mailing
list.</div>
<div><br>
</div>
<div>Ken<br>
</div>
<meta name="Generator" content="Novell Groupwise Client
(Version 18.2.1 Build: 135777)">
<div class="GroupWiseMessageBody" id="GroupWiseSection_1589920870000_KLE"><span class="GroupwiseReplyHeader">>>> Ken Etter
5/19/2020 4:48 PM >>><br>
</span>
<div>I have other software that also does LDAP
authentication and my account works fine there. A
trace on my LDAP server shows the login happening as
expected. So it is as if ZendTo thinks my account is
not an LDAP account and is trying to authenticate
elsewhere and failing.<br>
<br>
Ken<br>
</div>
<meta name="Generator" content="Novell Groupwise
Client (Version 18.2.1 Build: 135777)">
</div>
<div class="GroupWiseMessageBody" id="GroupWiseSection_1589920611000_KLE@msktd.com_1FEF159614D20000B1ED8700B3004500_"><span class="GroupwiseReplyHeader">>>> Ken Etter
5/19/2020 4:41 PM >>><br>
</span>
<div>Doing some more digging into this and not making
much progress. I was working on moving ZendTo ldap
authentication from port 389 to port 636 (SSL).
Something wasn't working right, but now my account
is locked out of ZendTo. Doing a trace from my LDAP
server shows that I don't even get a request from
ZendTo. ZendTo is working for all accounts except
mine. Is there anything at all within ZendTo that
might give me a clue as to what is going on?<br>
</div>
<span id="GWSignatureSent" style="padding-right: 0px; padding-left: 0px; margin-bottom: 5px; display: block;"><span style="display: block;"><br>
<span style="font-size: 10pt; display: inline-block; -ms-word-wrap: normal;">
<div style='color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; font-family: "Open Sans", sans-serif; font-size: 13.32px; font-style: normal; font-weight: 400; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; background-color: inherit; -webkit-text-stroke-width: 0px; font-variant-ligatures: normal; font-variant-caps: normal; text-decoration-style: initial; text-decoration-color: initial;'><font color="#000000" face="Arial"><strong>Ken
Etter</strong>, System Administrator</font></div>
<div style='color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; font-family: "Open Sans", sans-serif; font-size: 13.32px; font-style: normal; font-weight: 400; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; background-color: inherit; -webkit-text-stroke-width: 0px; font-variant-ligatures: normal; font-variant-caps: normal; text-decoration-style: initial; text-decoration-color: initial;'><font color="#00abe2" face="Arial">Architectural
Group</font></div>
<div style='color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; font-family: "Open Sans", sans-serif; font-size: 13.32px; font-style: normal; font-weight: 400; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; background-color: inherit; -webkit-text-stroke-width: 0px; font-variant-ligatures: normal; font-variant-caps: normal; text-decoration-style: initial; text-decoration-color: initial;'><font color="#000000" face="Arial">260.432.9337</font><font color="#000000" face="Arial"><span> </span>|<span>
</span></font><a style="border: currentColor; border-image: none; color: rgb(0, 0, 0); text-decoration: none;" href="http://msktd.com/" moz-do-not-send="true"><font color="#000000" face="Arial">msktd.com</font></a></div>
<br>
<div style='color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; font-family: "Open Sans", sans-serif; font-size: 13.32px; font-style: normal; font-weight: 400; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; background-color: inherit; -webkit-text-stroke-width: 0px; font-variant-ligatures: normal; font-variant-caps: normal; text-decoration-style: initial; text-decoration-color: initial;'><a style="border: currentColor; border-image: none; color: rgb(0, 0, 0); text-decoration: none;" href="http://msktd.com/" moz-do-not-send="true"><img style="border: currentColor; border-image: none;" src="cid:ZKALBQCKIUSU.IMAGE.png"></a></div>
<div>
<div style='color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; font-family: "Open Sans", sans-serif; font-size: 13.32px; font-style: normal; font-weight: 400; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; background-color: inherit; -webkit-text-stroke-width: 0px; font-variant-ligatures: normal; font-variant-caps: normal; text-decoration-style: initial; text-decoration-color: initial;'><br>
</div>
</div>
</span></span></span><span style="margin-bottom: 5px; display: block;"><br>
</span></div>
</div>
<div><br>
</div>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
ZendTo mailing list
<a class="moz-txt-link-abbreviated" href="mailto:ZendTo@zend.to" moz-do-not-send="true">ZendTo@zend.to</a>
<a class="moz-txt-link-freetext" href="http://jul.es/mailman/listinfo/zendto" moz-do-not-send="true">http://jul.es/mailman/listinfo/zendto</a>
</pre>
</blockquote>
<div><br>
</div>
<pre class="moz-signature" cols="72">Jules
--
Julian Field MEng CEng CITP MBCS MIEEE MACM
'Teach a man to reason, and he will think for a lifetime.' - Phil Plait
<a class="moz-txt-link-abbreviated" href="http://www.Zend.To" moz-do-not-send="true">www.Zend.To</a>
Twitter: @JulesFM
</pre>
</div>
</div>
</div>
</blockquote>
<div><br></div>
<pre class="moz-signature" cols="72">Jules
--
Julian Field MEng CEng CITP MBCS MIEEE MACM
The current UK shipping forecast:
Shannon, Rockall: South backing southwest 5 to 7, occasionally gale 8 later in
Shannon. Moderate or rough. Rain, showers later. Good, occasionally poor.
<a class="moz-txt-link-abbreviated" href="http://www.Zend.To">www.Zend.To</a>
Twitter: @JulesFM
</pre>
</div>
</div></div></body></html>