cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1812
Views
5
Helpful
2
Replies

LDAP Query for OU membership?

Jason Meyer
Level 1
Level 1

We have 100+ OUs that our users are broken into. I am trying to configure a LDAP group query that will test for membership of an OU. I can test using memberof successfully using the DN of that distribution/security group but some of our users are not in any distribution or security groups, they are just users in an OU. Does anyone have any advice on how I can do this?

2nd question:
Does IronPort support wildcard ldap lookups?


IRONPORT NATION ROCKS!!

2 Replies 2

steven_geerts
Level 1
Level 1

Hello JMeyer,

I found an URL explaining how to do such queries:
http://help.globalscape.com/help/eft5/admin/advanced_ldap_filtering.htm

To simplify your query development you can use a LDAP browser to test your queries without having to edit your Ironport config over and over.
I personally like the Apache LDAP studio browser/editor very much. it's free and rich. Another good one is the Softera LDAP browser. (Also free, the browser/editor is commercial)

By the way: make sure you are querying properly indexed fields! if you use un-indexed fields your performance may drop dramatically. Most LDAP servers allow you to add indexes if one is missing, please use your LDAP server manual to find out what is the best way to do this.


Good luck!

Steven

Jason Meyer
Level 1
Level 1

Thanks for the input Steven this helps me.

If anyone else has any input on advanced LDAP queries and how to build them with IronPort I would be very interested in seeing what can all be done.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: