Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
26-44
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 26 LDAP Queries
Authenticating End-Users of the Spam Quarantine
By default, the primary email attribute is
proxyAddresses
for Active Directory servers and
mail
for
OpenLDAP servers. You can enter your own query and email attributes. To create the query from the
CLI, use the
CLI, use the
isqauth
subcommand of the
ldapconfig
command.
Note
If you want users to log in with their full email address, use
(mail=smtp:{a})
for the Query String.
Related Topics
•
•
•
•
Sample Active Directory End-User Authentication Settings
This section shows sample settings for an Active Directory server and the end-user authentication query.
This example uses password authentication for the Active Directory server, the
This example uses password authentication for the Active Directory server, the
mail
and
proxyAddresses
email attributes, and the default query string for end-user authentication for Active
Directory servers.
Sample OpenLDAP End-User Authentication Settings
This section shows sample settings for an OpenLDAP server and the end-user authentication query. This
example uses anonymous authentication for the OpenLDAP server, the
example uses anonymous authentication for the OpenLDAP server, the
mail
and
mailLocalAddress
email attributes, and the default query string for end-user authentication for OpenLDAP servers.
Table 26-11
Example LDAP Server and Spam Quarantine End-User Authentication Settings:
Active Directory
Active Directory
Authentication Method
Use Password (Need to create a low-privilege user to bind
for searching, or configure anonymous searching.)
for searching, or configure anonymous searching.)
Server Type
Active Directory
Port
3268
Base DN
[Blank]
Connection Protocol
[Blank]
Query String
(sAMAccountName={u})
Email Attribute(s)
mail,proxyAddresses
Table 26-12
Example LDAP Server and Spam Quarantine End-User Authentication Settings:
OpenLDAP
OpenLDAP
Authentication Method
Anonymous
Server Type
OpenLDAP
Port
389
Base DN
[Blank] (Some older schemas will want to use a specific
Base DN.)
Base DN.)