Cisco Cisco Email Security Appliance C650 Guía Del Usuario
25-13
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 25 LDAP Queries
Working with LDAP Queries
•
SMTP authentication. For more information, see
•
External authentication. For more information,
•
Spam quarantine end-user authentication query. For more information, see
•
Spam quarantine alias consolidation query. For more information, see
The search queries you specify are available to all listeners you configure on the system.
Base Distinguishing Name (DN)
The root level of the directory is called the base. The name of the base is the DN (distinguishing name).
The base DN format for Active Directory (and the standard as per RFC 2247) has the DNS domain
translated into domain components (dc=). For example, example.com's base DN would be: dc=example,
dc=com. Note that each portion of the DNS name is represented in order. This may or may not reflect
the LDAP settings for your configuration.
The base DN format for Active Directory (and the standard as per RFC 2247) has the DNS domain
translated into domain components (dc=). For example, example.com's base DN would be: dc=example,
dc=com. Note that each portion of the DNS name is represented in order. This may or may not reflect
the LDAP settings for your configuration.
If your directory contains multiple domains you may find it inconvenient to enter a single BASE for your
queries. In this case, when configuring the LDAP server settings, set the base to NONE. This will,
however, make your searches inefficient.
queries. In this case, when configuring the LDAP server settings, set the base to NONE. This will,
however, make your searches inefficient.
LDAP Query Syntax
Spaces are allowed in LDAP paths, and they do not need to be quoted. The CN and DC syntax is not
case-sensitive.
case-sensitive.
Cn=First Last,oU=user,dc=domain,DC=COM
The variable names you enter for queries are case-sensitive and must match your LDAP implementation
in order to work correctly. For example, entering
in order to work correctly. For example, entering
mailLocalAddress
at a prompt performs a different
query than entering
maillocaladdress
.
Related Topics
•
Tokens:
You can use the following tokens in your LDAP queries:
•
{a} username@domainname
•
{d} domainname
•
{dn} distinguished name
•
{g} groupname
•
{u} username
•
{f} MAIL FROM: address