LDAP Profile
- The lightwe0ight directory access protocol (LDAP) is a protocol for querying and modifying data using directory services running over TCP/IP.
- If you integrate LDAP database with Secure Email Gateway then the service can check whether a recipient is a valid.
- If the recipient is not a valid user then the email is rejected.
- This avoids wasting resources by filtering mail for invalid recipients. The LDAP profiles added here are available for selection in interfaces such as 'Manage Domains > Routes' and 'SMTP AUTH > SMTP Authentication Settings'.
- Click 'SMTP' > 'LDAP/DB' > 'LDAP', to open the configuration screen.
LDAP Profile – Table of Column Descriptions |
||
---|---|---|
Column Header |
Description |
|
LDAP Profile Name |
The label provided for the custom LDAP policy. Each profile contains connection information and search settings to query the database. |
|
Action |
|
Edit the details of a profile. |
Copy a profile so it can be used as the basis for a new profile. |
||
Delete the profile from the list. |
From this screen administrators can:
You can create a new LDAP profile in two ways:
- By clicking the copy LDAP profile button beside a LDAP profile. This will open the 'New LDAP Profile' screen with all its details pre-populated for the copied profile.
- By clicking the 'Add LDAP profile' link at the top
LDAP Profile - Table of Parameters |
|
---|---|
Parameter |
Description |
Profile Name |
Enter the name of the new LDAP profile. |
Connection type |
Determines how Secure Email Gateway should connect to the LDAP server. The options available are:
|
Host Name or IP Address |
Enter the hostname or IP address of the LDAP/Active Directory. Secure Email Gateway will first check the primary server and will check the secondary server if the primary is not available. |
Port |
Specify the LDAP server port number. If you use 'Active Directory' then, instead of the default LDAP port 389, port 3826 must be used as Active Directory Catalog port. |
Search Type |
Select the type of search from the drop-down.
The options available are:
|
Cache Time (minutes) |
If the 'Cache' option is enabled as 'Search Type', this field becomes active. Enter the time in minutes the details of users are cached after which they are wiped out. |
Anonymous Access |
If this feature is enabled, the connection to
LDAP server will be created anonymously so that username and
password are not required. |
Login DN |
LDAP username to connect LDAP / Active Directory server. |
Password |
Enter the LDAP user password. |
Enable catch-all for this profile |
When this feature is enabled, if the recipient's address is value1-value2-value3@domain.com then Secure Email Gateway first checks whether this address is registered in LDAP. If it does not find it, it deletes value1 and checks the remaining value2-value3@domain.com address. If it does not find it again then it delete value2 and checks value3@domain.com |
Search Base |
Specify the search starting criteria to be used in LDAP tree. |
Search Pattern |
Determines which LDAP attributes will be searched in search base. |
Test E-Mail Address |
Enter the email address to test the LDAP connection. |
Email host attribute name |
Enter the mail host attribute name for the LDAP / Active Directory server. |
Check Local DB Users Also |
|
- Click 'Verify' to check the entered parameters and connectivity are correct. If verification fails, the error message will be displayed
- Click 'Save' to apply your changes.
-
Click the button beside a LDAP profile that you want to edit.
- Edit the required parameters. This is similar to the method explained in the 'Add' section.
- Click 'Save' to apply your changes.
-
Click the delete button beside a LDAP profile that you want to remove.
-
Click 'OK' to confirm the deletion.