Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Email Security Quick-links: ESA Product Support | SMA Product Support | Email Submission and Tracking Portal | Cisco SecurityHub
Current General Deployment (GD) Releases:
ESA: 11.0.0-264 WSA: 10.5.1-296 SMA: 11.0.0-115 Email Plug-in (Reporting): 1.0.1-048 Email Plug-in (Encryption): 1.0.0-036

New Member

IronPort LDAP group query - How do I recursive?

The default LDAP group query "(&(memberOf={g})(proxyAddresses=smtp:{a}))" does not perform a recursive group search. It will not find members of groups within groups.

I tried using this query, which functions correctly in active directory, but returns no matches in the IronPort appliance, "(&(memberOf:1.2.840.113556.1.4.1941:={g})(proxyAddresses=smtp:{a}))".

Is there a better way to do this? One that works?

2 REPLIES
New Member

Hi all, Me too.. I have the

Hi all,

 

Me too.. I have the same problem with vESA 8.5.5-280.

Something to suggest?

Cisco Employee

Hi,This could not be working

Hi,

This could not be working based on many factors. The default settings may require manual tweaking.


Please look at the "distinguished name" of the LDAP group objects.

you may have to get the distinguished names of one of the groups and modify the original query to include the distinguished name like in the example below.


Query: (&(memberof=CN={g},OU=Distribution Groups,OU=ExchangeObjects,OU=Corp,DC=swc,DC=local)(proxyAddresses=smtp:{a}))

 

Also I think your best bet would be to call Cisco Tac and open a case for support. I hope this helps!


http://www.cisco.com/support
US Toll Free Customer Support +1 800 553 2447 Option #1

 

871
Views
0
Helpful
2
Replies