Open with table of contents

Updating using LDAP

 

References to Web policy content are only available when a Web Gateway is included in the peer group.

You can specify that the manager information will be retrieved from an LDAP server. A backup LDAP server can also be supported that will be used if the first one is not available.

To specify Updating using LDAP

  1. From the Policy Center Home page, click Manager Relationships. The Manager Relationships page appears.
  2. Move the mouse pointer over the Update using section and click Click here to change these settings .
  3. From the drop-down box next to Update the manager relationship using, select LDAP.
  4. Click Save.

To specify the LDAP Server

The LDAP Server area defines the details of the LDAP server and how to connect to it. To configure the server connection properties:

  1. Move the mouse pointer over the LDAP Server area and click Click here to change these settings .

  2. Supply the following details for your primary LDAP Server and optionally for your secondary LDAP Server:

    Server Connection Property Description
    LDAP Server Hostname or IP address of the LDAP server
    Secure connection Option to use Secure LDAP when connecting your Gateway to the LDAP server.
    Port Port number on which to connect the LDAP server. Firewall Ports for a list of default ports.
    User name Account user name with which the Gateway connects to the LDAP server. Leave blank if anonymous access is required.
    Password Account password associated with the User name. Leave blank if anonymous access is required.
    Timeout Connection timeout value in seconds.
  3. Click Save.

To specify the Search Criteria

The Search Criteria area defines the criteria used to retrieve the Address List. For more information on the values for these criteria, see Defining LDAP Search Criteria.
To define the search criteria:

  1. Move the mouse pointer over the Search Criteria area and click Click here to change these settings.
  2. In Target DN for sync, supply the Distinguished Name of the base node of the LDAP directory tree containing the email addresses to include in the LDAP Address List. If you have set up the server connection successfully, you can click Browse to open the Select Base DN dialog. This allows you to browse the server's LDAP directory tree to select the required base node. Maximum entries to display specifies the maximum number of nodes Clearswift Gateway shows within any one node when it is displaying the LDAP directory tree in the Select base DN dialog.
  3. In Scope, select whether to search the target only (the specified base node), recursively search the tree, or search the direct children of the target only.
  4. In Filter to Apply, define the search filter to determine which nodes to return, using the standard LDAP search filter format. For example, ObjectClass=* obtains all the LDAP nodes using the specified scope.
  5. In Attributes to Retrieve, supply the LDAP attributes you want to retrieve, for example mail on an Email Gateway. The values of the attributes you specify must be user names or email addresses. To specify two or more attributes, separate them with commas.
  6. In Manager Attribute, supply the attribute to be used, for example, manager.
  7. If Request Paging is required, select the check box to enable paging requests and indicate the page size to use.
  8. If Group Expansion is required, select the check box to enable group expansion, and specify a maximum group expansion depth plus a comma-separated list of expansion attributes to use, for example, member,uniquemember.
  9. Click Save.
 

When you have finished modifying your content security policy you must apply the configuration for any changes to take effect. If the Gateways are configured as a group, any group changes should be applied to each Gateway.

© 1995–2018 Clearswift Ltd.