Cisco Cisco Content Security Management Appliance M1070 ユーザーガイド
Chapter 9 LDAP Queries
9-12
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
the email address for the consolidated spam notifications. If a query fails,
AsyncOS displays a reason for the failure, such as no matching LDAP records
were found, or the matching record did not contain the email attribute. If you use
multiple LDAP servers, the Cisco IronPort appliance tests the query on each
LDAP server.
AsyncOS displays a reason for the failure, such as no matching LDAP records
were found, or the matching record did not contain the email attribute. If you use
multiple LDAP servers, the Cisco IronPort appliance tests the query on each
LDAP server.
Domain-Based Queries
Domain-based queries are LDAP queries that are grouped by type and associated
with a domain. You might want to use domain-based queries if different LDAP
servers are associated with different domains, but you need to run queries for all
your LDAP servers for end-user quarantine access. For example, a company
called Bigfish owns the domains Bigfish.com, Redfish.com, and Bluefish.com,
and it maintains a different LDAP server for employees associated with each
domain. Bigfish can use a domain-based query to authenticate end-users against
the LDAP directories of all three domains.
with a domain. You might want to use domain-based queries if different LDAP
servers are associated with different domains, but you need to run queries for all
your LDAP servers for end-user quarantine access. For example, a company
called Bigfish owns the domains Bigfish.com, Redfish.com, and Bluefish.com,
and it maintains a different LDAP server for employees associated with each
domain. Bigfish can use a domain-based query to authenticate end-users against
the LDAP directories of all three domains.
To use a domain-based query to control end-user access or notifications for the
Cisco IronPort Spam Quarantine, complete the following steps:
Cisco IronPort Spam Quarantine, complete the following steps:
Step 1
Create an LDAP server profile for each domain you want to use in the
domain-based query. In each server profile, configure the queries you want to use
in the domain-based query. For more information, see
domain-based query. In each server profile, configure the queries you want to use
in the domain-based query. For more information, see
.
Step 2
Create the domain-based query. When you create the domain-based query, you
select queries from each server profile, and designate the domain-based query as
an active query for the Cisco IronPort Spam Quarantine. For more information
about creating the query, see
select queries from each server profile, and designate the domain-based query as
an active query for the Cisco IronPort Spam Quarantine. For more information
about creating the query, see
Step 3
Enable end-user access or spam notifications for the Cisco IronPort Spam
Quarantine. For more information, see
Quarantine. For more information, see