Руководство Пользователя для Cisco Cisco Content Security Management Appliance M390
10-12
Cisco IronPort AsyncOS 8.0 for Security Management User Guide
Chapter 10 Integrating with LDAP
Testing Servers and Queries
Use the Test Server(s) button on the Add (or Edit) LDAP Server Profile page (or the
test
subcommand
in the CLI) to test the connection to an LDAP server. If you use multiple LDAP servers, AsyncOS tests
each server and displays individual results for each server. AsyncOS will also test the query on each
LDAP server and display the individual results.
each server and displays individual results for each server. AsyncOS will also test the query on each
LDAP server and display the individual results.
Failover
To ensure an LDAP server is available to that resolve queries, you can configure the LDAP profile for
failover.
failover.
The Cisco IronPort appliance attempts to connect to the first server in the list of LDAP servers for a
specified period of time. If the appliance cannot connect to the first LDAP server in the list, the appliance
attempts to connect to the next LDAP server in the list. To ensure that the Cisco IronPort appliance
connects to the primary LDAP server by default, enter it as the first server in the list of LDAP servers.
specified period of time. If the appliance cannot connect to the first LDAP server in the list, the appliance
attempts to connect to the next LDAP server in the list. To ensure that the Cisco IronPort appliance
connects to the primary LDAP server by default, enter it as the first server in the list of LDAP servers.
If the Cisco IronPort appliance connects to a second or subsequent LDAP server, it remains connected
to that server for a specified period of time. At the end of this period, the appliance attempts to reconnect
to the first server in the list.
to that server for a specified period of time. At the end of this period, the appliance attempts to reconnect
to the first server in the list.
Configuring the Cisco IronPort Appliance for LDAP Failover
Procedure
Step 1
On the Security Management appliance, choose Management Appliance > System Administration >
LDAP.
LDAP.
Step 2
Select the LDAP server profile you want to edit.
In the following example, the LDAP server name is example.com.
Figure 10-3
Example LDAP Failover Configuration
Step 3
In the Hostname text field, type the LDAP Servers; for example ldapserver.example.com.