I'm just looking into the process of populating the SaaS Email environment with users/accounts using a pre-existing Active Directory service.
Reading through the "Directory Integration" section of the Accunt Management Administration Guide, it would appear there are two options when using LDAP - Email Domain or AD Domain. The guide suggests that if you only have a single domain, that "Email Domain" is the option to go for and if there are multiple alias addresses present for different domains the "AD Domain" option should be pursued.
It then goes on to explain there is also a Directory Services Connector which can be used for this purpose, but that this requires ePO to be up and running on the network.
Given the customer environment I will be shortly working on is known to use multiple e-mail domains and there's every chance that users won't necessarily just have alias addresses with the same e-mail domain (email@example.com, firstname.lastname@example.org, email@example.com), but may also have alias addresses belonging to one or more additional e-mail domains (firstname.lastname@example.org, email@example.com, firstname.lastname@example.org), I've concluded that AD Domain is the correct route to take.
However, when I select this as the Logical Structure option in Account Management -> Directory Integration -> Configuration, the system immediately seems to assume I will be Directory Services Connector.
As I know this customer is not a mainstream McAfee customer (they have Firewall Enterprise appliances, but ePO integration isn't a fundamental requirement) they do not currently have ePO deployed.
How can we acheive what I know the customer will need without being forced to install ePO and the Directory Services Connector?
Is it possible to create multiple EMail Domain entries for each domain name (primary or alias) registered to the customer's SaaS service?
Another question I have - with many AD environments using an 'internal' domain name, the user's primary e-mail address will often be associated with a different domain name. So to use the Bob Smith example his active directory domain address may well be bob.smith@acme_ad.local when his Internet e-mail address will be the aforementioned email@example.com. (and the domain registered to SaaS will be the acme.com one), how will SaaS handle the creation of user accounts from LDAP?