See also: https://jitsi.org/Documentation/LDAP
With the Account Access set to anonymous, you no longer need to specify the Bind DN and Password in the Jitsi LDAP settings (see screenshot @ http://www.clearfoundation.com/docs/howtos/connect_jitsi_to_clearos_directory). The “cn=manager” account is the root account for LDAP, so you don't want to share that password with end users!
In general, a Tiki deployment may want to password protect the address book information. You can set the Account Access feature to password protected (instead of anonymous). The Jitsi settings would then be:
- Bind DN: cn=accounts,ou=Internal,dc=tikisuite,dc=org - Password: specified by end user
This “cn=accounts” has read-only access to users/groups, so this password can be shared around. It's also possible to require a password on a per-user basis… just let me know if that's required.