User Guide

AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 25 LDAP Queries
Overview of LDAP Queries
If you configure the LDAP server profile for load balancing, these connections are distributed among the
listed LDAP servers. For example, if you configure 10 simultaneous connections and load balance the
connections over three servers, AsyncOS creates 10 connections to each server, for a total of 30
connections.
Note The maximum number of simultaneous connections includes LDAP connections used for LDAP
queries. However, the appliance may open more connections if you use LDAP authentication for
the Spam Quarantine.
Step 12 Test the connection to the server by clicking the Test Server(s) button. If you specified multiple LDAP
servers, they are all tested. The results of the test appear in the Connection Status field. For more
information, see Testing LDAP Servers, page 25-6.
Step 13 Create queries by marking the checkbox and completing the fields. You can select Accept, Routing,
Masquerade, Group, SMTP Authentication, External Authentication, Spam Quarantine End-User
Authentication, and Spam Quarantine Alias Consolidation.
Note To allow the appliance to run LDAP queries when you receive or send messages, you must
enable the LDAP query on the appropriate listener. For more information, see Enabling LDAP
Queries to Run on a Particular Listener, page 25-7.
Step 14 Test a query by clicking the Test Query button.
Enter the test parameters and click Run Test. The results of the test appear in the Connection Status
field. If you make any changes to the query definition or attributes, click Update. For more
information, see Testing LDAP Queries, page 25-17.
Note If you have configured the LDAP server to allow binds with empty passwords, the query can pass
the test with an empty password field.
Step 15 Submit and commit your changes.
Note Although the number of server configurations is unlimited, you can configure only one recipient
acceptance, one routing, one masquerading, and one group query per server.
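The note under Step 14 about empty passwords follows from how LDAP simple binds work: RFC 4513 treats a bind with a DN but a zero-length password as an "unauthenticated" bind, in which no credential is verified. The sketch below is an added example, not Cisco or AsyncOS code; the simulated directory, the user entry, and all function names are constructed for illustration. It shows why such a test can pass and how a bind-based check can refuse to count it as proof of identity.

```python
import hmac
from enum import Enum


class BindKind(Enum):
    ANONYMOUS = "anonymous"              # empty DN, empty password
    UNAUTHENTICATED = "unauthenticated"  # DN supplied, empty password
    NAME_PASSWORD = "name/password"      # password supplied


def classify_simple_bind(dn: str, password: str) -> BindKind:
    """Classify a simple bind the way RFC 4513 section 5.1 does."""
    if password:
        return BindKind.NAME_PASSWORD
    return BindKind.UNAUTHENTICATED if dn else BindKind.ANONYMOUS


class SimulatedDirectory:
    """Constructed stand-in for an LDAP server; not a real server or Cisco code."""

    def __init__(self, users: dict, allow_empty_password_binds: bool):
        self.users = users
        self.allow_empty_password_binds = allow_empty_password_binds

    def simple_bind(self, dn: str, password: str) -> bool:
        if classify_simple_bind(dn, password) is BindKind.NAME_PASSWORD:
            stored = self.users.get(dn)
            return stored is not None and hmac.compare_digest(
                stored.encode(), password.encode())
        # Empty password: no credential is verified. Success here only
        # reflects server policy, not knowledge of the user's password.
        return self.allow_empty_password_binds


def authenticate(directory: SimulatedDirectory, dn: str, password: str) -> bool:
    """Bind-based login that never accepts a password-less bind as proof."""
    if classify_simple_bind(dn, password) is not BindKind.NAME_PASSWORD:
        return False
    return directory.simple_bind(dn, password)


# Constructed sample data.
ALICE = "uid=alice,ou=people,dc=example,dc=com"
USERS = {ALICE: "correct horse"}
PERMISSIVE = SimulatedDirectory(USERS, allow_empty_password_binds=True)
STRICT = SimulatedDirectory(USERS, allow_empty_password_binds=False)

if __name__ == "__main__":
    for name, server in (("permissive", PERMISSIVE), ("strict", STRICT)):
        print(name, "raw bind:", server.simple_bind(ALICE, ""),
              "guarded:", authenticate(server, ALICE, ""))
```

When testing a query that authenticates by bind, run it once with a wrong password as well as with the correct one; a pass on an empty password alone says nothing about the account's credentials.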
Testing LDAP Servers
Use the Test Server(s) button on the Add/Edit LDAP Server Profile page (or the test subcommand of
the ldapconfig command in the CLI) to test the connection to the LDAP server. AsyncOS displays a
message stating whether the connection to the server port succeeded or failed. If you configured multiple
LDAP servers, AsyncOS tests each server and displays individual results.