Back to Community Threads
2
Is the LDAP binding required?
Question asked by Neal Culiner - 8/16/2019 at 4:10 AM
Answered
I want to use the server that runs smartermail as a backup domain controller and with port 389 in use by SM I can't setup the backup domain controller. I don't use Active Directory with SmarterMail, is it okay to delete the LDAP (389) binding or is it used for anything else? 

3 Replies

Reply to Thread
0
Sébastien Riccio Replied
8/17/2019 at 2:46 AM
I can't answer for ST, but as LDAP is an enterprise only feature, I would say it is only needed if you want to use LDAP auth within SmarterMail.

Disabling it/unbinding the port should have no effect on normal usage.
Sébastien Riccio System & Network Admin https://swisscenter.com
1
Employee Replied
8/19/2019 at 9:40 AM
Employee Post Marked As Answer
Hi Neil.  If you're not using AD, then it's perfectly safe to delete the 389 LDAP port.  You can add it back later if needed.
1
Paul R Replied
9/4/2019 at 11:20 AM
Think long and hard about running ANYTHING on a domain controller.  Running public services on a DC violates Best Practices.  If you install a service on a DC, and that service gets compromised, you could be putting your entire Directory Services architecture at risk, depending on the nature of the attack.

We won't even run an RODC that faces publicly, nor do we allow 3rd party vendors to authenticate (or otherwise) against our AD.  The risks far outweigh the rewards.
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Use LDAP with OutlookSmarterMail > Desktop and Mobile Synchronization
Implement LDAP with BarracudaSmarterMail > Antispam and Antivirus
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
Automatic SSL Certificates on a New SmarterMail ServerSmarterMail > Server Configuration and Management
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management