Cisco Cisco Email Security Appliance C190 Guía Del Usuario
Chapter 3 LDAP Queries
3-222
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
it searches for group membership information on an Active Directory server.
Table 3-9
Default Group Membership Query Strings and Attribute: Active
Directory
Directory
Server Type
Active Directory
Base DN
[blank] (You need to use a specific base DN to find
the group records.)
the group records.)
Query string to determine if a
user is a member of a group
user is a member of a group
(&(objectClass=group)(member={u}))
Note
If your LDAP schema uses distinguished names in the
memberOf
list instead of usernames, you can replace
{u}
with {dn}.
Attribute that holds each
member's username (or a DN
for the user's record)
member's username (or a DN
for the user's record)
member
Attribute that contains the
group name
group name
cn
it searches for group membership information on an OpenLDAP server.
Table 3-10
Default Group Membership Query Strings and Attributes:
OpenLDAP
OpenLDAP
Server Type
OpenLDAP
Base DN
[blank] (You need to use a specific base DN to find
the group records.)
the group records.)
Query string to determine if a
user is a member of a group
user is a member of a group
(&(objectClass=posixGroup)(memberUid={u}))
Attribute that holds each
member's username (or a DN
for the user's record)
member's username (or a DN
for the user's record)
memberUid
Attribute that contains the
group name
group name
cn