Cisco Cisco Email Security Appliance C170 사용자 가이드
4-203
Cisco IronPort AsyncOS 7.3 for Email Advanced Configuration Guide
OL-23081-01
Chapter 4 LDAP Queries
–
Authentication type Anonymous
Anonymous Bind Setup for Active Directory
The following setup instructions allow you to make specific data available to
anonymous bind queries of Active Directory and Exchange 2000 servers in the
Microsoft Windows Active Directory. Anonymous bind of an Active Directory
server will send the username
anonymous bind queries of Active Directory and Exchange 2000 servers in the
Microsoft Windows Active Directory. Anonymous bind of an Active Directory
server will send the username
anonymous
with a blank password.
Note
If a password is sent to an Active Directory server while attempting anonymous
bind, authentication may fail.
bind, authentication may fail.
Step 1
Determine required Active Directory permissions.
Using the ADSI Edit snap-in or the LDP utility, you must modify the
permissions to the attributes of the following Active Directory objects.
permissions to the attributes of the following Active Directory objects.
–
The root of the domain naming context for the domain against which you
want to make queries.
want to make queries.
–
All OU and CN objects that contain users against which you wish to
query email information.
query email information.
The following table shows the required permissions to be applied to all of the
needed containers.
needed containers.
User Object
Permissions
Inheritance
Permission
Type
Type
ANONYMOUS
LOGON
LOGON
List Contents
Container
Objects
Objects
Object
ANONYMOUS
LOGON
LOGON
List Contents
Organizational
Unit Objects
Unit Objects
Object
ANONYMOUS
LOGON
LOGON
Read Public Information
User Objects
Property
ANONYMOUS
LOGON
LOGON
Read Phone and Mail
Options
Options
User Objects
Property
Step 2
Set Active Directory Permissions
–
Open ADSIEdit form the Windows 2000 Support Tools.