2 Replies Latest reply on Sep 11, 2010 5:02 PM by infosecjeff

    Need help getting LDAP Profile configured to pass thru the DN, username/password?

    infosecjeff

      Following the admin guide I want to configure LDAP recipient validation, and when I configure the LDAP Profile I cannot get to screen 2 after a valid DN username/password.  I'm wondering if there's something missing.  I have the server IP and port identified.  I have the correct LDAP server type identified as well.

      Any help would be appreciated.

        • 1. Re: Need help getting LDAP Profile configured to pass thru the DN, username/password?
          ijahnke

          The LDAP Profile page only has one screen.

           

          Basically you set up the server, port, and username/password in the ldap profile which will later be used in the ldap rules creation.

           

          The next step would be to go to ldap rules page (IntrusionDefender -> LDAP configuration -> LDAP rules). From here you would set up the actual rules you would want to use.

           

           

          For email validation, the most comon rule would be a Real Time lookup (ironmail sends a querry to the ldap server, the ldap server responds with a true\false)

           

          IntrusionDefender -> LDAP configuration -> LDAP rules

          1. LDAP Definition - Edit Rule
            • Add New
            • Give it some sort arbitray yet descriptive rule name
            • Click on the "Real Time" radial button
            • Check the "Address Validation" box
            • Click "Next"

             2. Assign Domain Information

              • If this is for a Global rule you can just click "Next
              • If you wish to only do ldap lookups for specifc domains you host you can click on either "Domain Group" or "Domain List"
                • Domain groups are created under the Compliance -> Compliance Advanced -> Group Manager
                • A domain list can be populated in the text box for "Domain Names"

               3. Assign Profile Information

              • Here is where you select which profile to use
                • LDAP profiles are created in the IntrusionDefender -> LDAP configuration -> LDAP Profiles screen
                • Under the heading "Add Profile" select the profile you wish to use from  the drop down list
                • Click "Select"
                • Click "Next"

                4. Query Browser

                *****Please note that this page is where the actual LDAP querries are set up. We have created a very general LDAP querry that works on most LDAP setups, however it is ultimately the Admins job to have a decent understanding of their own ldap schema and how to create their own custom querries****

              • Here you can create querries and test them for validity
              • Click "Next" when finished

                5. Assign Profile Information

              • This page allows for adding multiple profiles
              • Click "Next"

                6. Rule Confirmation

              • This is a general overview of the rule that was created
              • Check the "Enable" box on the bottom right of the page if you want to enable the rule right away
              • Click "Finished"

             

             

            Please post if this resolves the issue.

             

             

            on 9/11/10 4:39:45 PM CDT
            • 2. Re: Need help getting LDAP Profile configured to pass thru the DN, username/password?
              infosecjeff

              Thank you very much for the quick response.