User Guide

CHAPTER

25-1

AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide

LDAP Queries

• Overview of LDAP Queries, page 25-1

• Working with LDAP Queries, page 25-12

• Using Acceptance Queries For Recipient Validation, page 25-19

• Using Routing Queries to Send Mail to Multiple Target Addresses, page 25-20

• Using Masquerading Queries to Rewrite the Envelope Sender, page 25-21

• Using Group LDAP Queries to Determine if a Recipient is a Group Member, page 25-23

• Using Domain-based Queries to Route to a Particular Domain, page 25-26

• Using Chain Queries to Perform a Series of LDAP Queries, page 25-28

• Using LDAP For Directory Harvest Attack Prevention, page 25-29

• Configuring AsyncOS for SMTP Authentication, page 25-32

• Configuring External LDAP Authentication for Users, page 25-40

• Authenticating End-Users of the Spam Quarantine, page 25-43

• Spam Quarantine Alias Consolidation Queries, page 25-44

• Identifying a Sender’s User Distinguished Name for RSA Enterprise Manager, page 25-45

• Configuring AsyncOS To Work With Multiple LDAP Servers, page 25-46

Overview of LDAP Queries

If you store user information within LDAP directories in your network infrastructure — for example, in

Microsoft Active Directory, SunONE Directory Server, or OpenLDAP directories — you can configure

the appliance to query your LDAP servers to accept, route, and authenticate messages. You can configure

the appliance to work with one or multiple LDAP servers.

The following section provides an overview on the types of LDAP queries you can perform; how LDAP

works with the appliance to authenticate, accept, and route messages; and how to configure your

appliance to work with LDAP.