Cisco Cisco Content Security Management Appliance M1070 Guía Del Usuario
11-10
AsyncOS 9.1 for Cisco Content Security Management Appliances User Guide
Chapter 11 Integrating with LDAP
Chain Queries
Note
To do the same configuration on the command line interface, type the
advanced
subcommand of the
ldapconfig
command at the command line prompt.
Chain Queries
A chain query is a series of LDAP queries that AsyncOS runs in succession. AsyncOS runs each query
in the series each query in the “chain” until the LDAP server returns a positive response or the final query
returns a negative response or fails. Chain queries can be useful if entries in LDAP directories use
different attributes to store similar (or the same) values. For example, departments in an organization
might use different types of LDAP directories. The IT department might use OpenLDAP while the Sales
department uses Active Directory. To ensure that queries run against both types of LDAP directories,
you can use chain queries.
in the series each query in the “chain” until the LDAP server returns a positive response or the final query
returns a negative response or fails. Chain queries can be useful if entries in LDAP directories use
different attributes to store similar (or the same) values. For example, departments in an organization
might use different types of LDAP directories. The IT department might use OpenLDAP while the Sales
department uses Active Directory. To ensure that queries run against both types of LDAP directories,
you can use chain queries.
To use a chain query to control end-user access or notifications for the spam quarantine, complete the
following steps:
following steps:
Procedure
Step 1
Create an LDAP server profile for each query you want to use in the chain queries. For each of the server
profiles, configure the queries you want to use for a chain query. For more information, see
profiles, configure the queries you want to use for a chain query. For more information, see
Step 2
Create the chain query and designate it as an active query for the spam quarantine. For more information,
see
see
Step 3
Enable LDAP end-user access or spam notifications for the spam quarantine. For more information about
the spam quarantine, see
the spam quarantine, see
Creating a Chain Query
Tip
You can also use the
advanced
subcommand of the
ldapconfig
command in the CLI.
Procedure
Step 1
On the Security Management appliance, choose Management Appliance > System Administration >
LDAP > LDAP Server.
LDAP > LDAP Server.
Step 2
From the LDAP Server Profiles page, click Advanced.
Step 3
Click Add Chained Query.
Step 4
Enter a name for the chain query.
Step 5
Select the query type.