Cisco Cisco Content Security Management Appliance M390 Guía Del Usuario
Chapter 9 LDAP Queries
9-14
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Step 9
Test the query by clicking the Test Query button and entering a user login and
password or an email address to test in the Test Parameters fields. The results
appear in the Connection Status field.
password or an email address to test in the Test Parameters fields. The results
appear in the Connection Status field.
Step 10
Check the Designate as the active query checkbox if you want the Cisco IronPort
Spam Quarantine to use the domain-based query.
Spam Quarantine to use the domain-based query.
Note
The domain-based query becomes the active LDAP query for the
specified query type. For example, if the domain-based query is used for
end-user authentication, it becomes the active end-user authentication
query for the Cisco IronPort Spam Quarantine.
specified query type. For example, if the domain-based query is used for
end-user authentication, it becomes the active end-user authentication
query for the Cisco IronPort Spam Quarantine.
Step 11
Click Submit and then click Commit to commit your changes.
Note
To do the same configuration on the command line interface, type the
advanced
subcommand of the
ldapconfig
command at the command line prompt.
Chain Queries
A chain query is a series of LDAP queries that AsyncOS runs in succession.
AsyncOS runs each query in the series each query in the “chain” until the LDAP
server returns a positive response or the final query returns a negative response or
fails. Chain queries can be useful if entries in LDAP directories use different
attributes to store similar (or the same) values. For example, departments in an
organization might use different types of LDAP directories. The IT department
might use OpenLDAP while the Sales department uses Active Directory. To
ensure that queries run against both types of LDAP directories, you can use chain
queries.
AsyncOS runs each query in the series each query in the “chain” until the LDAP
server returns a positive response or the final query returns a negative response or
fails. Chain queries can be useful if entries in LDAP directories use different
attributes to store similar (or the same) values. For example, departments in an
organization might use different types of LDAP directories. The IT department
might use OpenLDAP while the Sales department uses Active Directory. To
ensure that queries run against both types of LDAP directories, you can use chain
queries.
To use a chain query to control end-user access or notifications for the Cisco
IronPort Spam Quarantine, complete the following steps:
IronPort Spam Quarantine, complete the following steps:
Step 1