Cisco Cisco Content Security Management Appliance M390 Guía Del Usuario
Chapter 9 LDAP Queries
9-6
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Testing LDAP Servers
Use the Test Server(s) button on the Add/Edit LDAP Server Profile page (or the
test
subcommand of the
ldapconfig
command in the CLI) to test the connection
to the LDAP server. AsyncOS displays a message stating whether the connection
to the server port succeeded or failed. If you configured multiple LDAP servers,
AsyncOS tests each server and displays individual results.
to the server port succeeded or failed. If you configured multiple LDAP servers,
AsyncOS tests each server and displays individual results.
Configuring LDAP Queries
The following sections provide the default query strings and configuration details
for each type of Cisco IronPort Spam Quarantine query:
for each type of Cisco IronPort Spam Quarantine query:
–
Spam quarantine end-user authentication query. For more
information, see the
information, see the
.
–
Spam quarantine alias consolidation query. For more information, see
To have the quarantine use an LDAP query for end-user access or spam
notifications, select the “Designate as the active query” check box. You can
designate one end-user authentication query to control quarantine access and one
alias consolidation query for spam notifications. Any existing active queries are
disabled. On the Security Management appliance, choose Management
Appliance > System Administration > LDAP page, an asterisk (*) is displayed
next to the active queries.
notifications, select the “Designate as the active query” check box. You can
designate one end-user authentication query to control quarantine access and one
alias consolidation query for spam notifications. Any existing active queries are
disabled. On the Security Management appliance, choose Management
Appliance > System Administration > LDAP page, an asterisk (*) is displayed
next to the active queries.
You can also specify a domain-based query or chain query as an active end-user
access or spam notification query. For more information, see
access or spam notification query. For more information, see
and
.
Note
Use the Test Query button on the LDAP page (or the ldaptest command) to verify
that your queries return the expected results.
that your queries return the expected results.
LDAP Query Syntax
Spaces are allowed in LDAP paths, and they do not need to be quoted. The CN
and DC syntax is not case-sensitive.
and DC syntax is not case-sensitive.