LDAP Synchronized Address Lists

An LDAP Synchronized Address List is a list of addresses or user names which is defined dynamically through a connection with an LDAP server. You can specify the LDAP server connection details and search criteria.

Create and modify an LDAP Synchronized List

  1. Click Policy > Email Addresses.
  2. Click New. A dialog enables you to select the list type you want to add.

  3. Select LDAP Synchronized Address List and click Create.

      To edit an existing LDAP Synchronized list, select a list from the available entries and click Edit.
  4. Edit the Overview section to provide the list with a Name or any relevant Notes. Click Save.
  5. Configure the Server Connection details. Use this section to define the LDAP server details and connection properties.

    Server Connection Property: Description
    LDAP Server: Hostname or IP address of the LDAP server.
    Secure connection: Option to use Secure LDAP when connecting your Gateway to the LDAP server.
    Port: Port number on which to connect to the LDAP server. See Firewall ports for a list of default ports.
    User name: Account user name with which the Gateway connects to the LDAP server. Leave blank if anonymous access is required.
    Password: Account password associated with the User name. Leave blank if anonymous access is required.
    Timeout: Connection timeout value in seconds.

      If you change any of the LDAP settings, you must also re-enter the Password to save the changes.

    Click Save.

  6. Use the Search Criteria section to specify the criteria used to retrieve the data from the LDAP server. Click Save to save the changes.

    Search Criteria (Description, Example)

    Target DN for sync
      Description: Distinguished Name of the base node of the LDAP directory tree containing the entries with which you want to synchronize. Click Browse to open the Select Base DN dialog and locate the base node. Maximum entries to display specifies the number of nodes the directory tree displays in the dialog.
      Example: O=MyCompany

    Scope
      Description: Scope of the search. Select whether to search the base node only (Target Only), the entire tree recursively (Recurse Tree) or only the direct children of the target node (Children of Target).
      Example: Recurse Tree

    Filter to Apply
      Description: Search filter used to determine which nodes to search. ObjectClass=* obtains all LDAP nodes within the specified scope.
      Example: objectclass=*

    Attributes to Retrieve
      Description: LDAP attributes to be retrieved. Attributes must be comma-separated.
      Example: mail,proxyAddresses

    Request Paging
      Description: Enables paging requests with a configurable page size.
      Example: 1000

    Group Expansion
      Description: Enables group expansion with maximum expansion depth and selected attributes. Attributes must be comma-separated.
      Example: Expansion is enabled using 'member,uniquemember' to a depth of 10.

  7. Apply the configuration.
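
The following is an added example, not Gateway code: a simplified Python model of how the Scope and Group Expansion settings in step 6 shape the resulting address list. The directory contents, the function names and the expansion algorithm are assumptions made for illustration; only the setting names and example values come from the Search Criteria above.

```python
# Constructed sample directory (DN -> attributes, lower-case names); not real data.
DIRECTORY = {
    "o=mycompany": {},
    "ou=staff,o=mycompany": {},
    "cn=alice,ou=staff,o=mycompany": {"mail": ["alice@example.com"],
                                      "proxyaddresses": ["smtp:a.smith@example.com"]},
    "cn=bob,ou=staff,o=mycompany": {"mail": ["bob@example.com"]},
    "ou=groups,o=mycompany": {},
    "cn=sales,ou=groups,o=mycompany": {"mail": ["sales@example.com"],
                                       "member": ["cn=emea,ou=groups,o=mycompany"]},
    # emea points back at sales: a membership cycle the walk must survive
    "cn=emea,ou=groups,o=mycompany": {"uniquemember": ["cn=bob,ou=staff,o=mycompany",
                                                       "cn=sales,ou=groups,o=mycompany"]},
}

def in_scope(dn, base, scope):
    """Apply the three Scope options (naive DN parsing: no escaped commas)."""
    if dn == base:
        return scope in ("Target Only", "Recurse Tree")
    if scope == "Target Only" or not dn.endswith("," + base):
        return False
    levels_below = dn[: -len(base) - 1].count(",") + 1
    return scope == "Recurse Tree" or levels_below == 1  # else Children of Target

def expand(start, group_attrs, max_depth):
    """Breadth-first walk of membership attributes, at most max_depth levels."""
    seen, frontier = {start}, [start]
    for _ in range(max_depth):
        next_frontier = []
        for dn in frontier:
            for group_attr in group_attrs:
                for member in DIRECTORY.get(dn, {}).get(group_attr, []):
                    if member not in seen:  # cycle guard
                        seen.add(member)
                        next_frontier.append(member)
        frontier = next_frontier
    return seen

def synchronize(base, scope, attributes, group_attrs="", max_depth=0):
    """Build the address list for filter objectclass=* (matches every entry)."""
    attrs = [a.strip().lower() for a in attributes.split(",")]
    groups = [a.strip().lower() for a in group_attrs.split(",") if a.strip()]
    addresses = set()
    for dn in DIRECTORY:
        if in_scope(dn, base, scope):
            for target in expand(dn, groups, max_depth):
                for attr in attrs:
                    addresses.update(DIRECTORY.get(target, {}).get(attr, []))
    return sorted(addresses)
```

In this model, searching ou=groups,o=mycompany with Children of Target returns only sales@example.com, while enabling expansion on 'member,uniquemember' also returns bob@example.com, an entry stored outside the target node.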

Test an LDAP connection

  1. Configure an LDAP Synchronized List.
  2. Select the list from the available entries and click Edit.
  3. In the task panel, click Test Query.

    If the query is successful, the Gateway displays a Query Succeeded dialog including a list of initial results.

      If the query fails, check your server connection and search criteria settings. If necessary, contact your LDAP administrator.

Synchronize a list with the LDAP directory

  1. Configure an LDAP Synchronized List.
  2. Select the list from the available entries and click Edit.
  3. In the task panel, click Synchronize Now.

    If the synchronization is successful, the Gateway displays a Success notification indicating that the request has been successful. Synchronization of a large amount of data might take some time to complete.

      After a suitable period, refresh the list page by clicking your browser's Refresh button. The Synchronization Status area indicates whether the synchronization was successful, and when the synchronization occurred.

Remove an LDAP Synchronized List

  1. Click Policy > Email Addresses.
  2. Select a list from the available entries. Click Delete.

  3. Click Delete to confirm the deletion.
  4. Apply the configuration.
 

If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or from System > Configuration > Apply Configuration. See Apply new configuration for more information.

If you use Peer Gateways (i.e. when multiple Gateways are peered), any configuration changes from a local Gateway can then be applied to all the peers at the same time. See Peer Gateways for more information.
