25-4
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 25 LDAP Queries
Overview of LDAP Queries
3. Data is received from the LDAP directory, and, depending on the queries defined on the System
Administration > LDAP page (or in the ldapconfig command) that are used by the listener:
- the message is routed to the new recipient address, or dropped or bounced
- the message is routed to the appropriate mailhost for the new recipient
- From:, To:, and CC: message headers are re-written based upon the query
- further actions as defined by rcpt-to-group or mail-from-group message filter rules (used in
conjunction with configured group queries).
Note: You can configure your appliance to connect to multiple LDAP servers. When you do this, you can
configure the LDAP profile settings for load-balancing or failover. For more information about working
with multiple LDAP servers, see Configuring AsyncOS To Work With Multiple LDAP Servers,
page 25-46.
Configuring the Cisco IronPort Appliance to Work with an LDAP Server
When you configure your appliance to work with an LDAP directory, you must complete the following
steps to configure your AsyncOS appliance for acceptance, routing, aliasing, and masquerading:
Procedure
Step 1 Configure LDAP server profiles. The server profile contains information to enable AsyncOS to connect
to the LDAP server (or servers), such as:
- the name of the server(s) and port to send queries,
- the base DN, and
- the authentication requirements for binding to the server
For more information about configuring a server profile, see Creating LDAP Server Profiles to Store
Information About the LDAP Server, page 25-5.
When you configure the LDAP server profile, you can configure AsyncOS to connect to one or
multiple LDAP servers.
For information about configuring AsyncOS to connect to multiple servers, see Configuring
AsyncOS To Work With Multiple LDAP Servers, page 25-46.
Step 2 Configure the LDAP query. You configure the LDAP queries on the LDAP server profile. The query
you configure should be tailored to your particular LDAP implementation and schema.
For information on the types of LDAP queries you can create, see Understanding LDAP Queries,
page 25-2.
For information on writing queries, see Working with LDAP Queries, page 25-12.
Step 3 Enable the LDAP server profile on a public listener or on a private listener. You must enable the
LDAP server profile on a listener to instruct the listener to run the LDAP query when accepting, routing,
or sending a message.
For more information, see Enabling LDAP Queries to Run on a Particular Listener, page 25-7.
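The values entered in Steps 1 and 2 can be checked from an administrative host before the profile is enabled on a listener. The following shell script is an added example, not part of the Cisco guide or of AsyncOS; it assumes the OpenLDAP ldapsearch client is installed, and the host name, DNs, password file and mail attribute it mentions are constructed placeholders.

```shell
#!/bin/sh
# Pre-flight check of LDAP server profile values (Step 1) and a query (Step 2).
# Added example; every host name, DN and attribute used with it is a placeholder.

# Build the server URI from host and port. Treating 636/3269 as LDAPS is an
# assumption about the directory, not an AsyncOS rule.
ldap_uri() {
    case "$2" in
        636|3269) printf 'ldaps://%s:%s\n' "$1" "$2" ;;
        *)        printf 'ldap://%s:%s\n' "$1" "$2" ;;
    esac
}

# Escape RFC 4515 filter metacharacters so the test address is matched literally.
# The backslash is escaped first so later substitutions are not double-escaped.
escape_filter() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Build an equality filter "(attr=address)"; the attribute depends on your schema.
recipient_filter() {
    case "$1" in
        ''|*[!A-Za-z0-9-]*) echo "bad attribute name: $1" >&2; return 1 ;;
    esac
    printf '(%s=%s)\n' "$1" "$(escape_filter "$2")"
}

# Bind with the profile's credentials and run the filter under the base DN.
# The password is read from a file (-y) so it never appears in the process list;
# ldapsearch uses the whole file, so it must not end with a newline.
check_profile() {   # host port base_dn bind_dn password_file attribute address
    uri=$(ldap_uri "$1" "$2")
    filter=$(recipient_filter "$6" "$7") || return 1
    out=$(ldapsearch -x -LLL -H "$uri" -D "$4" -y "$5" -b "$3" -s sub "$filter" dn) || {
        echo "bind or search failed against $uri: check server, port, bind DN, base DN" >&2
        return 2
    }
    n=$(printf '%s\n' "$out" | grep -c '^dn:' || true)
    echo "$n entries matched $filter under $3"
    [ "$n" -eq 1 ]   # a known-good recipient should match exactly one entry
}

# Example: sh check.sh ldap.example.com 636 dc=example,dc=com \
#          cn=esa-bind,dc=example,dc=com /root/.esa-bind.pw mail joe@example.com
if [ "$#" -eq 7 ]; then
    check_profile "$@"
fi
```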