We have 100+ OUs that our users are broken into. I am trying to configure an LDAP group query that will test for membership of an OU. I can test using memberof successfully using the DN of that distribution/security group, but some of our users are not in any distribution or security groups; they are just users in an OU. Does anyone have any advice on how I can do this?
2nd question: Does IronPort support wildcard LDAP lookups?
To simplify your query development you can use an LDAP browser to test your queries without having to edit your IronPort config over and over. I personally like the Apache LDAP Studio browser/editor very much. It's free and rich. Another good one is the Softerra LDAP browser. (Also free; the browser/editor is commercial.)
By the way: make sure you are querying properly indexed fields! If you use un-indexed fields your performance may drop dramatically. Most LDAP servers allow you to add indexes if one is missing; please use your LDAP server manual to find out the best way to do this.