Configuring multiple domains to access Spam quarantine

Unanswered Question
Nov 15th, 2007

Hi there,
I have configured the Ironport Spam quarantine area and am using ldap to allow end users to access their own Spam that has been quarantined. This works for one Active Directory. In our company we have multiple business each with their own Active Directory. Each of these businesss have their mail come through one C-300 appliance. It is then passed onto the respective exchange server for their domain.
How can I configure the Spam Quarantine area to accept more than one ldap server for it's quiries of multiple domains.

Thanks,
David

I have this problem too.
1 vote
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
kluu_ironport Thu, 11/15/2007 - 15:53

That's currently not possible.

Hi there,
I have configured the Ironport Spam quarantine area and am using ldap to allow end users to access their own Spam that has been quarantined. This works for one Active Directory. In our company we have multiple business each with their own Active Directory. Each of these businesss have their mail come through one C-300 appliance. It is then passed onto the respective exchange server for their domain.
How can I configure the Spam Quarantine area to accept more than one ldap server for it's quiries of multiple domains.

Thanks,
David
David.shoesmith73 Thu, 11/15/2007 - 22:42

Really? Hmmm, this will be the show stopper to allow us to replace our current mail filter with Ironport.
Is there anyone else in this situation?

Thanks,

David

rgwilliam_ironport Fri, 11/16/2007 - 10:10

Hello David,

This issue is definitely known about, and we are working towards a resolution of it. Unfortuantely I do not have a time scale for resolution. It would be best to contact your Sales/SE representative regarding this issue.

Regards
Richard

mychrislo_ironport Sat, 11/17/2007 - 05:24

Hi there,
I have configured the Ironport Spam quarantine area and am using ldap to allow end users to access their own Spam that has been quarantined. This works for one Active Directory. In our company we have multiple business each with their own Active Directory. Each of these businesss have their mail come through one C-300 appliance. It is then passed onto the respective exchange server for their domain.
How can I configure the Spam Quarantine area to accept more than one ldap server for it's quiries of multiple domains.

Thanks,
David


It would be great ironport have a solution. The other "ugly" way is to try using referrals...but...i aint sure....and there is security issue too.

On top of two active directories. u could build certain proxy ldap server. One we have used in small scale in other scenaros is VDE from Octet String. I believe it is now under Oracle :-).

Cheers
Chris
David.shoesmith73 Sun, 11/18/2007 - 23:14

Hello David,

This issue is definitely known about, and we are working towards a resolution of it. Unfortuantely I do not have a time scale for resolution. It would be best to contact your Sales/SE representative regarding this issue.

Regards
Richard


Thanks,
I have contacted my Local sales/support rep and I believe he has made a note that we are wanting this function as soon as possible.
I hope it is not too far away, as we are wanting to replace our current Mail filter, and this is the only point that is stopping us from moving forward.

David
frederic.lens Tue, 02/12/2008 - 09:48

Hello !

We are in the same situation here, multiple Active Directory repositories for LDAP authentication.

We had to disable the Whitelist/blacklist feature and remove all authentication for the Quarantine access, which is really a pain...

Would be a very-nice-to-have-feature :)

Best regards,
Fred

David.shoesmith73 Wed, 02/13/2008 - 23:45

I have heard on the grape vine, that sometime in May could be when we are getting the feature to enable us to use multiple LDAP servers in the quarantine sectiom. However this is only hear say and may or may not be available then. I for one am waiting on this happening as soon as it can, as one of my projects is on hold till this is implemented.

I did look into the Oracle VDE, however I just could not get it to work. I am sure there is a way to do it, I just couldn't figure it out.


Regards,

David

Ken Stieers Wed, 11/12/2014 - 08:19

It looks to be possible in 8.5.6...(I'm just poking in the help file)

 

1. set up mulitiple domains in System Administration/LDAP with the proper queries:

Accept query, Spam Quarantine Alias Consolidation, Spam Quarantine End-User Auth

2.Under the list of LDAP server profiles you create, there's an "Advanced" link.

3.Create a chained query that uses the "spam quaantine end-user auth" for LDAP. Set it as the Active one (there's check box there)

4. make sure spam Quarantine is set up to use LDAP...

 

Again, I'm just poking around, not testing...

 

Ken

 

Tomasz Joniak Wed, 11/12/2014 - 09:56

So your saying to setup multiple LDAP groups, because we have 6 domains of sub-companies, and only using one AD with 6 different OU's but I setup 1 query... I have 2 8.5.6 so i guess i will try with DR site.

Thanks

Ken Stieers Wed, 11/12/2014 - 09:59

If its in ONE ActiveDirectory with OU's, you can do it with one query.  It doesn't matter how many EMAIL domains.

If its in multiple AD domains, with or without trusts, you have to set up multiple server profiles.

 

Tomasz Joniak Wed, 11/12/2014 - 10:44

I have that, but not what im looking for, 

what  Im looking for is manager of domain aaa.com can only manage quarantine for domain aaa.com and manager of domain bbb.com can only manage hose quarantine, and then create a NOC user that should be able to manager quarantine from both domains, 

So almost like a service provider stuff, within just one company who owns 6 in production domains.

Or like baracuda domain manager with separate reporting, and everything else.

Thanks

Tomasz 

Actions

This Discussion