Zimbra using External Active Directory, but disabled AD accounts can still login

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
davidkillingsworth
Outstanding Member
Outstanding Member
Posts: 251
Joined: Sat Sep 13, 2014 2:26 am
ZCS/ZD Version: 8.8.15.GA.3869.UBUNTU14.64-Patch 24

Zimbra using External Active Directory, but disabled AD accounts can still login

Post by davidkillingsworth »

We just noticed a strange problem.

We are using a Windows 2019 Active Directory to authenticate Zimbra users.
This is configured as External Active Directory authentication mode.

When this was first setup years ago, the AD domain was Windows Server 2008. We upgraded the domain to 2019 about a year or so ago. Previously, when an AD user account was disabled, we were not able to login to Zimbra with their account, which is what one would expect of the authentication method.

However, we just noticed that when we disable an AD account, we are still able to login to Zimbra with that account. We are using Release 8.8.15.GA.3829.UBUNTU14.64 UBUNTU18_64 FOSS edition, Patch 8.8.15_P24.

Anybody else noticing anything like this?

I am assuming this is a configuration issue on the AD side. I don't see it being a Zimbra issue, but posting here in case anyone can help.
Post Reply