Cisco Cisco Email Security Appliance C160 Mode D'Emploi
8-4
Cisco IronPort AsyncOS 7.6 for Email Advanced Configuration Guide
OL-25137-01
Chapter 8 Centralized Management
Now, imagine that you create new LDAP query settings for the group. The result will be something like
this:
this:
The group-level settings now override the cluster-level setting; however, the new group settings are
initially empty. The group mode does not actually have any LDAP queries of its own configured. Note
that a machine within this group will inherit this “empty” set of LDAP queries from the group.
initially empty. The group mode does not actually have any LDAP queries of its own configured. Note
that a machine within this group will inherit this “empty” set of LDAP queries from the group.
Next, you can add an LDAP query to the group, for example:
Now the cluster level has one set of queries configured while the group has another set of queries. The
machine will inherit its queries from the group.
machine will inherit its queries from the group.
Creating and Joining a Cluster
You cannot create or join a cluster from the Graphical User Interface (GUI). You must use the Command
Line Interface (CLI) to create, join, or configure clusters of machines. Once you have created a cluster,
you can change configuration settings from either the GUI or the CLI.
Line Interface (CLI) to create, join, or configure clusters of machines. Once you have created a cluster,
you can change configuration settings from either the GUI or the CLI.
Be sure to enable your centralized management feature key before you attempt to create a cluster.
Note
Your Cisco IronPort appliance does not ship with an evaluation key for the centralized management
feature. You must request a 30-day evaluation, or purchase a key, before you can enable the centralized
management feature. Use the
feature. You must request a 30-day evaluation, or purchase a key, before you can enable the centralized
management feature. Use the
featurekey
command in the CLI or the System Administration > Feature
Keys page to enable your key.
The clusterconfig Command
A machine can create or join a cluster only via the
clusterconfig
command.
•
When a new cluster is created, all of that cluster’s initial settings will be inherited from the machine
that creates the cluster. If a machine was previously configured in “standalone” mode, its standalone
settings are used when creating the cluster.
that creates the cluster. If a machine was previously configured in “standalone” mode, its standalone
settings are used when creating the cluster.
•
When a machine joins a cluster, all of that machine’s clusterable settings will be inherited from the
cluster level. In other words, everything except certain machine-specific settings (IP addresses, etc)
will be lost and will be replaced with the settings from the cluster and/or the group selected for that
machine to join. If a machine was previously configured in “standalone” mode, its standalone
settings are used when creating the cluster, and no settings at the machine level are maintained.
cluster level. In other words, everything except certain machine-specific settings (IP addresses, etc)
will be lost and will be replaced with the settings from the cluster and/or the group selected for that
machine to join. If a machine was previously configured in “standalone” mode, its standalone
settings are used when creating the cluster, and no settings at the machine level are maintained.
Cluster
(ldap queries: a, b, c)
Group
(ldap queries: None)
Machine
Cluster
(ldap queries: a, b, c)
Group
(ldap queries: d)
Machine