Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
Chapter 3 LDAP Queries
3-180
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
Note
IronPort Systems strongly recommends using the Test feature of the LDAP page
(or the
(or the
test
subcommand of the
ldapconfig
command) to test all queries you
construct and ensure that expected results are returned before you enable LDAP
functionality on a listener. See
functionality on a listener. See
information.
Secure LDAP (SSL)
You can use instruct AsyncOS to use SSL when communicating with the LDAP
server. If you configure your LDAP server profile to use SSL:
server. If you configure your LDAP server profile to use SSL:
•
AsyncOS will use the LDAPS certificate configured via
certconfig
in the
CLI (see
).
You may have to configure your LDAP server to support using the LDAPS
certificate.
certificate.
•
If an LDAPS certificate has not been configured, AsyncOS will use the demo
certificate.
certificate.
Routing Queries
There is no recursion limit for LDAP routing queries; the routing is completely
data driven. However, AsyncOS does check for circular reference data to prevent
the routing from looping infinitely.
data driven. However, AsyncOS does check for circular reference data to prevent
the routing from looping infinitely.
Anonymous Queries
You may need to configure your LDAP directory server to allow for anonymous
queries. (That is, clients can bind to the server anonymously and perform queries.)
For specific instructions on configuring Active Directory to allow anonymous
queries, see the “Microsoft Knowledge Base Article - 320528” at the following
URL:
queries. (That is, clients can bind to the server anonymously and perform queries.)
For specific instructions on configuring Active Directory to allow anonymous
queries, see the “Microsoft Knowledge Base Article - 320528” at the following
URL:
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B320528