Cisco Content Security Management Appliance M1070 User Guide
Chapter 9 LDAP Queries
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
You can enter multiple host names to configure the LDAP servers for failover or
load-balancing. Separate multiple entries with commas. For more information,
see
Step 5
Select an authentication method. You can use anonymous authentication or
specify a username and password.
Note
You need to configure LDAP authentication to view client user IDs instead of
client IP addresses on reports. Without LDAP authentication the system can only
refer to users by their IP address. Choose the Use Password radio button, and
enter the User name and password. The user name will now be seen on the Internal
Users Summary page.
Step 6
Select the LDAP server type: Active Directory, OpenLDAP, or Unknown or Other.
Step 7
Enter a port number.
The default port is 3268. This is the default port for Active Directory that
enables it to access the global catalog in a multi-server environment.
Step 8
Enter a base DN (distinguished name) for the LDAP server.
If you authenticate with a username and a password, the username must
include the full DN to the entry that contains the password. For example, a
user with an email address of joe@example.com is a user of the marketing
group. The entry for this user would look like the following entry:
uid=joe, ou=marketing, dc=example, dc=com
Step 9
Under Advanced, select whether to use SSL when communicating with the LDAP
server.
Step 10
Enter the cache time-to-live. This value represents the amount of time to retain
caches.
Step 11
Enter the maximum number of retained cache entries.
Step 12
Enter a maximum number of simultaneous connections.
If you configure the LDAP server profile for load balancing, these
connections are distributed among the listed LDAP servers. For example, if
you configure 10 simultaneous connections and load balance the connections
over three servers, AsyncOS creates 10 connections to each server, for a total
of 30 connections. For more information, see
.
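The following pre-flight check for the values entered in Steps 4 through 12 is an added example, not part of the Cisco guide and not an AsyncOS API. The dictionary keys, function names and sample profiles are hypothetical, and the cleartext finding assumes the appliance performs a simple bind.

```python
import re

def parse_dn(dn):
    """Split a DN into lowercase (attribute, value) pairs; ValueError if malformed."""
    rdns = []
    for part in re.split(r"(?<!\\),", dn):  # split on commas that are not escaped
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {part.strip()!r}")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def check_profile(p):
    """Return (findings, total_connections) for a profile dict (hypothetical keys)."""
    findings = []
    hosts = [h.strip() for h in p["hosts"].split(",") if h.strip()]
    base = parse_dn(p["base_dn"])
    if p["auth"] == "anonymous":
        findings.append("anonymous bind: reports identify users by IP address only")
    else:
        try:
            bind = parse_dn(p["username"])
            if len(bind) <= len(base) or bind[-len(base):] != base:
                findings.append("username is not an entry DN under the base DN")
        except ValueError as err:
            findings.append(f"username is not a full DN ({err})")
        if not p["use_ssl"]:
            findings.append("password bind without SSL sends the password in cleartext")
    # With load balancing, the connection limit applies to each listed server.
    return findings, p["max_connections"] * len(hosts)

# Constructed sample profiles (not taken from a real appliance).
GOOD = {"hosts": "ldap1.example.com, ldap2.example.com, ldap3.example.com",
        "auth": "password", "use_ssl": True, "max_connections": 10,
        "username": "uid=joe, ou=marketing, dc=example, dc=com",
        "base_dn": "dc=example,dc=com"}
BARE_NAME = dict(GOOD, username="joe", use_ssl=False)
MISSING_COMMA = dict(GOOD, username="uid=joe, ou=marketing, dc=example dc=com")

if __name__ == "__main__":
    for name, profile in [("good", GOOD), ("bare name", BARE_NAME),
                          ("missing comma", MISSING_COMMA)]:
        print(name, check_profile(profile))
```

The missing-comma profile still parses as a DN, so only the comparison against the base DN catches it.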