Configure Update Method

Update using a remote file

You can specify that the manager relationships will be retrieved from a remote file.

The remote file can either be a single manager information file or a zip file containing single or multiple manager information files. The manager files should use UTF-8 encoding. The manager file names contained within the zip file must only contain ASCII characters.

Secure Email Gateway will validate the manager file contents before utilizing them. The validation will check that each line is split using a colon and that it contains valid email addresses. If the validation fails then the file will be rejected. When duplicate users are detected, the first one found will be used and other duplicates will be ignored.

More than one manager can be specified for a sender by using commas to separate the email addresses of the managers. You can specify a sender with no manager by omitting the address of the manager.

For example:

employee1@company.com:manager1@company.com

employee2@company.com:manager2@company.com,manager3@company.com

employee3@company.com:

You can also use a wildcard character ( * ) to specify a range of senders' email addresses. For example:

*:manager1@company.com,manager2@company.com

This acts as a catch-all entry in the list.

  If the relationships list includes a catch-all entry, the When the sender is not in the relationships list actions in Missing Manager policies will not trigger.

Specify updating using a remote file

  1. Navigate to Policy > Policy References > Manager Relationships. The Manager Relationships page is displayed.
  2. In the Update Method panel, click Click here to change these settings.
  3. Select Remote file from the drop-down menu.
  4. Click Save.

Specify the remote file location

  1. Navigate to Policy > Policy References > Manager Relationships. The Manager Relationships page is displayed.
  2. In the Remote File Location panel, click Click here to change these settings.

  3. Enter the URL from which the manager relationships should be updated. When used, the HTTP or HTTPS URLs need to point to a file name, for example:

    http://<testwebsite>/<directory>/<filename.txt>

    http://<testwebsite>/<directory>/<filename.zip>

  4. Click Save.

 

Update using LDAP

You can specify that the manager information will be retrieved from an LDAP server. A backup LDAP server can also be supported that will be used if the first one is not available.

Specify updating using LDAP

  1. Navigate to Policy > Policy References > Manager Relationships. The Manager Relationships page is displayed.
  2. In the Update Method panel, click Click here to change these settings.
  3. Select LDAP from the drop-down menu.
  4. Click Save.

Specify the LDAP server

The LDAP Server panel defines the details of the LDAP server and how to connect to it. To configure the server connection properties:

  1. In the LDAP Server panel, click Click here to change these settings.

  2. Supply the following details for your primary LDAP server and optionally for your secondary LDAP server:

    Server Connection Property Description
    LDAP Server Hostname or IP address of the LDAP server
    Secure connection Option to use Secure LDAP when connecting your Gateway to the LDAP server.
    Port Port number on which to connect the LDAP server. See Firewall ports for a list of default ports.
    User Name Account user name with which the Gateway connects to the LDAP server. Leave blank if anonymous access is required.
    Password Account password associated with the User name. Leave blank if anonymous access is required.
    Timeout Connection timeout value in seconds.
  3. Click Save.

Specify the search criteria

The Search Criteria panel defines the criteria used to retrieve the Address List. For more information on the values for these criteria, see Defining LDAP Search Criteria.

  1. In the Search Criteria panel, click Click here to change these settings.
  2. In Target DN for sync, supply the Distinguished Name of the base node of the LDAP directory tree containing the email addresses to include in the LDAP Address List. If you have set up the server connection successfully, you can click Browse to open the Select Base DN dialog. This allows you to browse the server's LDAP directory tree to select the required base node. Maximum entries to display specifies the maximum number of nodes Secure Email Gateway shows within any one node when it is displaying the LDAP directory tree in the Select base DN dialog.
  3. In Scope, select whether to search the target only (the specified base node), recursively search the tree, or search the direct children of the target only.
  4. In Filter to Apply, define the search filter to determine which nodes to return, using the standard LDAP search filter format. For example, ObjectClass=* obtains all the LDAP nodes using the specified scope.
  5. In Attributes to Retrieve, supply the LDAP attributes you want to retrieve, for example mail on Secure Email Gateway. The values of the attributes you specify must be user names or email addresses. To specify two or more attributes, separate them with commas.
  6. In Manager Attribute, supply the attribute to be used, for example, manager.
  7. If Request Paging is required, select the check box to enable paging requests and indicate the page size to use.
  8. If Group Expansion is required, select the check box to enable group expansion, and specify a maximum group expansion depth plus a comma-separated list of expansion attributes to use, for example, member,uniquemember.
  9. Click Save.
 

If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > ConfigurationApply Configuration. See Apply new configuration for more information.

If you use Peer Gateways (i.e. when multiple Gateways are peered), any configuration changes from a local Gateway can then be applied to all the peers at the same time. See Configure Peer Gateways for more information.