Cisco Cisco Email Security Appliance C160 Mode D'Emploi
26-40
Cisco AsyncOS 9.5 for Email User Guide
Chapter 26 LDAP Queries
Configuring External LDAP Authentication for Users
Step 6
Enter an authentication username and password for the authentication profile.
Step 7
Click Finish.
Step 8
Choose Network > SMTP Routes.
Step 9
Click the All Other Domains link in the Receiving Domain column of the table.
Step 10
Enter the name of the Destination Host for the SMTP route. This is the hostname of your external mail
relay used to deliver outgoing mail.
relay used to deliver outgoing mail.
Step 11
Select the outgoing SMTP authentication profile from the drop-down menu.
Step 12
Submit and commit your changes.
Logging and SMTP Authentication
The following events will be logged in the mail logs when the SMTP Authentication mechanism (either
LDAP-based, SMTP forwarding server based, or SMTP outgoing) is configured on the appliance:
LDAP-based, SMTP forwarding server based, or SMTP outgoing) is configured on the appliance:
•
[Informational] Successful SMTP Authentication attempts — including the user authenticated and
the mechanism used. (No plaintext passwords will be logged.)
the mechanism used. (No plaintext passwords will be logged.)
•
[Informational] Unsuccessful SMTP Authentication attempts — including the user authenticated
and the mechanism used.
and the mechanism used.
•
[Warning] Inability to connect to the authentication server — including the server name and the
mechanism.
mechanism.
•
[Warning] A time-out event when the forwarding server (talking to an upstream, injecting appliance)
times out while waiting for an authentication request.
times out while waiting for an authentication request.
Configuring External LDAP Authentication for Users
You can configure the appliance to use an LDAP directory on your network to authenticate users by
allowing them to log in with their LDAP usernames and passwords. After you configure the
authentication queries for the LDAP server, enable the appliance to use external authentication on the
System Administration > Users page in the GUI (or use the
allowing them to log in with their LDAP usernames and passwords. After you configure the
authentication queries for the LDAP server, enable the appliance to use external authentication on the
System Administration > Users page in the GUI (or use the
userconfig
command in the CLI).
Procedure
Step 1
Create a query to find user accounts. In an LDAP server profile, create a query to search for user
accounts in the LDAP directory.
accounts in the LDAP directory.
Step 2
Create group membership queries. Create a query to determine if a user is a member of a directory
group.
group.
Step 3
Set up external authentication to use the LDAP server. Enable the appliance to use the LDAP server
for user authentication and assign user roles to the groups in the LDAP directory. For more information,
see “Adding Users” in the “Distributing Administrative Tasks” chapter.
for user authentication and assign user roles to the groups in the LDAP directory. For more information,
see “Adding Users” in the “Distributing Administrative Tasks” chapter.