Finally sorted it out.
It REALLY bothered me that it wasn't clear exactly
HOW Zimbra knows to show the "Forgot password" link before knowing
ANYTHING about who is logging in. Zimbra says you can set "zimbraFeatureResetPasswordStatus" per domain & COS but how does that help if the user hasn't typed anything in yet?
I kept coming back to the fact the only thing Zimbra had was that I was trying to log into
- securemail.abc.net
which is the FQDN for the server.
Within Zimbra I HAD set
- securemail.abc.net
as an alias domain for
- abc.net
the default domain in this Zimbra deployment (I think I did this way back when to address some email recipient settings w/in zimbra).
On a whim I decided to set zimbraFeatureResetPasswordStatus for this alias domain as well
Code: Select all
zimbra@securemail:~$ zmprov md securemail.abc.net zimbraFeatureResetPasswordStatus enabled
zimbra@securemail:~$ zmprov gd securemail.abc.net zimbraFeatureResetPasswordStatus enabled
# name securemail.rnome.net
zimbraFeatureResetPasswordStatus: enabled
and restarted Zimbra services and what do you know, the "Forgot password" link is there!
Post-game analysis:
- I'd assumed that settings for abc.net would apply to securemail.abc.net as well
- If I'd been logging into
https://abc.net I suspect the "Forgot password" link would've been there.