Cisco Cisco Email Security Appliance C170 Guida Utente
Chapter 4 LDAP Queries
4-242
Cisco IronPort AsyncOS 7.3 for Email Advanced Configuration Guide
OL-23081-01
it searches for group membership information on an Active Directory server.
Table 4-9
Default Group Membership Query Strings and Attribute: Active
Directory
Directory
Server Type
Active Directory
Base DN
[blank] (You need to use a specific base DN to find
the group records.)
the group records.)
Query string to determine if a
user is a member of a group
user is a member of a group
(&(objectClass=group)(member={u}))
Note
If your LDAP schema uses distinguished names in the
memberOf
list instead of usernames, you can replace
{u}
with {dn}.
Attribute that holds each
member's username (or a DN
for the user's record)
member's username (or a DN
for the user's record)
member
Attribute that contains the
group name
group name
cn
it searches for group membership information on an OpenLDAP server.
Table 4-10
Default Group Membership Query Strings and Attributes:
OpenLDAP
OpenLDAP
Server Type
OpenLDAP
Base DN
[blank] (You need to use a specific base DN to find
the group records.)
the group records.)
Query string to determine if a
user is a member of a group
user is a member of a group
(&(objectClass=posixGroup)(memberUid={u}))
Attribute that holds each
member's username (or a DN
for the user's record)
member's username (or a DN
for the user's record)
memberUid
Attribute that contains the
group name
group name
cn