Cisco Cisco Email Security Appliance C170 사용자 가이드
3-193
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
Chapter 3 LDAP Queries
Sample Group Queries
Table 3-5
Example LDAP Query Strings for Common LDAP Implementation: Group
Query for:
Group
OpenLDAP
OpenLDAP does not support the
memberOf
attribute
by default. Your LDAP Administrator may add this
attribute or a similar attribute to the schema.
attribute or a similar attribute to the schema.
Microsoft Active Directory
(&(memberOf={g})(proxyAddresses=smtp:{a}))
SunONE Directory Server
(&(memberOf={g})(mailLocalAddress={a}))
For example, suppose that your LDAP directory classifies members of the
“Marketing” group as
“Marketing” group as
ou=Marketing
. You can use this classification to treat
messages sent to or from members of this group in a special way. Step 1 creates a
message filter to act upon the message, and Steps 2 and 3 enable the LDAP lookup
mechanism.
message filter to act upon the message, and Steps 2 and 3 enable the LDAP lookup
mechanism.
Configuring a Group Query
In the following example, mail from members of the Marketing group (as defined
by the LDAP group “Marketing”) will be delivered to the alternate delivery host
by the LDAP group “Marketing”) will be delivered to the alternate delivery host
marketingfolks.example.com
.
Step 1
First, a message filter is created to act upon messages that match positively for
group membership. In this example, a filter is created that uses the
group membership. In this example, a filter is created that uses the
mail-from-group
rule. All messages whose Envelope Sender is found to be in the
LDAP group “marketing-group1” will be delivered with an alternate delivery host
(the filters
(the filters
alt-mailhost
action).
The group membership field variable (groupName) will be defined in step 2.
The group attribute “groupName” is defined with the value
The group attribute “groupName” is defined with the value
marketing-group1
.
mail3.example.com> filters
Choose the operation you want to perform: