cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2907
Views
0
Helpful
2
Replies

IronPort LDAP group query - How do I recursive?

The default LDAP group query "(&(memberOf={g})(proxyAddresses=smtp:{a}))" does not perform a recursive group search. It will not find members of groups within groups.

I tried using this query, which functions correctly in active directory, but returns no matches in the IronPort appliance, "(&(memberOf:1.2.840.113556.1.4.1941:={g})(proxyAddresses=smtp:{a}))".

Is there a better way to do this? One that works?

2 Replies 2

Hi all,

 

Me too.. I have the same problem with vESA 8.5.5-280.

Something to suggest?

Stephan Bayer
Cisco Employee
Cisco Employee

Hi,

This could not be working based on many factors. The default settings may require manual tweaking.


Please look at the "distinguished name" of the LDAP group objects.

you may have to get the distinguished names of one of the groups and modify the original query to include the distinguished name like in the example below.


Query: (&(memberof=CN={g},OU=Distribution Groups,OU=ExchangeObjects,OU=Corp,DC=swc,DC=local)(proxyAddresses=smtp:{a}))

 

Also I think your best bet would be to call Cisco Tac and open a case for support. I hope this helps!


http://www.cisco.com/support
US Toll Free Customer Support +1 800 553 2447 Option #1

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: