Cisco Cisco Web Security Appliance S380 Guida Utente
Chapter 20 Authentication
LDAP Authentication
20-50
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
describes the user object settings.
Table 20-14
LDAP Group Authorization—User Object Settings
User Object Setting
Description
Group Membership
Attribute Within User
Object
Attribute Within User
Object
Choose the attribute which list all the groups that this
user belongs to.
user belongs to.
Choose one of the following values:
•
memberOf. Unique identifiers in the LDAP
directory that specify user members.
directory that specify user members.
•
custom. A custom identifier such as
UserInGroup
.
Group Membership
Attribute is a DN
Attribute is a DN
Specify whether the group membership attribute is a
distinguished name (DN) which refers to an LDAP
object. For Active Directory servers, enable this option.
distinguished name (DN) which refers to an LDAP
object. For Active Directory servers, enable this option.
When this is enabled, you must configure the
subsequent settings.
subsequent settings.
Attribute that
Contains the Group
Name
Contains the Group
Name
When the group membership attribute is a DN, this
specifies the attribute that can be used as group name in
policy group configurations.
specifies the attribute that can be used as group name in
policy group configurations.
Choose one of the following values:
•
cn. A unique identifier in the LDAP directory that
specifies the name of a group.
specifies the name of a group.
•
custom. A custom identifier such as
FinanceGroup
.
Query String to
Determine if Object
is a Group
Determine if Object
is a Group
Choose an LDAP search filter that determines if an
LDAP object represents a user group.
LDAP object represents a user group.
Choose one of the following values:
•
objectclass=groupofnames
•
objectclass=groupofuniquenames
•
objectclass=group
•
custom. A custom filter such as
objectclass=person
.
Note: The query defines the set of authentication groups
which can be used in Web Security Manager policies.
which can be used in Web Security Manager policies.