Cisco Cisco Email Security Appliance C160 Mode D'Emploi
3-179
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
Chapter 3 LDAP Queries
If your directory contains multiple domains you may find it inconvenient to enter
a single BASE for your queries. In this case, when configuring the LDAP server
settings, set the base to NONE. This will, however, make your searches
inefficient.
a single BASE for your queries. In this case, when configuring the LDAP server
settings, set the base to NONE. This will, however, make your searches
inefficient.
LDAP Query Syntax
Spaces are allowed in LDAP paths, and they do not need to be quoted. The CN
and DC syntax is not case-sensitive.
and DC syntax is not case-sensitive.
Cn=First Last,oU=user,dc=domain,DC=COM
The variable names you enter for queries are case-sensitive and must match your
LDAP implementation in order to work correctly. For example, entering
LDAP implementation in order to work correctly. For example, entering
mailLocalAddress
at a prompt performs a different query than entering
maillocaladdress
.
Tokens:
You can use the following tokens in your LDAP queries:
•
{a} username@domainname
•
{d} domainname
•
{dn} distinguished name
•
{g} groupname
•
{u} username
•
{f} MAIL FROM: address
Note
The {f} token is valid in acceptance queries only.
For example, you might use the following query to accept mail for an Active
Directory LDAP server:
Directory LDAP server:
(|(mail={a})(proxyAddresses=smtp:{a}))