Editing the LDAP server configuration for a data source
If the LDAP server configuration changes for an existing data source, you must update that information in Symantec Messaging Gateway.
Before you modify a deployed data source, be sure to first assess the impact your changes may have on any related configuration or processes.
Any modification that would affect query results causes the cache to be cleared and subsequently rebuilt, which can slow down mail delivery. Use the test functionality to help diagnose issues before the data source begins production service.
In the Directory Integration Settings - Directory Data Sources page, check the box for the data source you want to edit.
Click Edit and then click the LDAP Server tab.
You can edit any of the following fields:
Data source name
You can edit the unique name of the data source.
You can change the directory type the LDAP source uses. If you change the directory type for a saved data source, your query default values are not updated accordingly. You must individually reconfigure your queries or use the Restore Defaults option for each function.
The available choices are as follows:
Active Directory Global Catalog
iPlanet/Sun ONE/Java Directory Server
Other (can be any LDAPv3 compliant directory type)
Though Symantec Messaging Gateway is compatible with any LDAPv3 directory, it is specifically designed to support configurations using the four specific directory types listed. If you select "other" for your directory type, consult your directory documentation for more information.
If you use the Active Directory Global Catalog, you may experience authentication issues depending on your query configuration. These issues can be resolved by replicating the Global Catalog.
Modify the host name or IP address of the LDAP server.
Modify the TCP/IP port that is used to access the LDAP server.
Enable or disable SSL on all connections to the LDAP server host. Verify your port setting when you modify this field.
Check to let the directory data service connect to the LDAP server without providing specific user ID and password information.
Use the following
Check if you want to configure specific login credentials for authentication to the LDAP server.
Name (Bind DN)
The distinguished name (DN) that is used for authenticating to the LDAP server.
For an Active Directory or Global Catalog server, you can optionally use the full DN, the NetBIOS and logon name (NetBIOS\SAM Account Name), or the User Principal Name.
The password to be used for authenticating to the LDAP server. A password is required if you checked Use the following.
When you are finished editing the desired fields, click Test Login to connect to the client and ensure that your LDAP connection settings are valid.
This test only verifies that the LDAP server can be reached and that the provided account has read access to the root of the directory data tree on a directory server. A successful test result does not guarantee that the credentials can succeed elsewhere in the directory. This is particularly true for anonymous access. You should verify access before deployment.
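One way to do that verification from a management host, as an added example that is not part of the Symantec documentation: it checks the SSL/port pairing and then confirms that the bind (or anonymous) account can actually read each base DN your queries use. It assumes the OpenLDAP `ldapsearch` client and that "Enable SSL" means LDAPS; host names, DNs and the password file are placeholders.

```shell
#!/bin/sh
# Added example: pre-deployment access check for a data source's LDAP settings.
LDAPSEARCH=${LDAPSEARCH:-ldapsearch}   # OpenLDAP client; overridable for testing

# Build the URI; reject SSL/port pairs that contradict the well-known ports
# (389/3268 cleartext, 636/3269 TLS; 3268/3269 are the Global Catalog ports).
ldap_uri() (
  host=$1; port=$2; ssl=$3
  case "$ssl:$port" in
    yes:389|yes:3268) echo "SSL on, but $port is a cleartext port" >&2; exit 1 ;;
    no:636|no:3269)   echo "SSL off, but $port is a TLS port" >&2; exit 1 ;;
  esac
  if [ "$ssl" = yes ]; then echo "ldaps://$host:$port"
  else echo "ldap://$host:$port"; fi
)

# Bind (anonymously when binddn is empty) and confirm at least one entry under
# base is readable. -z 1 caps the result at one entry, so exit code 4
# (size limit exceeded) still means the search ran. The -y file must hold the
# password with no trailing newline.
can_read() (
  uri=$1; binddn=$2; pwfile=$3; base=$4
  set -- -x -H "$uri"
  if [ -n "$binddn" ]; then set -- "$@" -D "$binddn" -y "$pwfile"; fi
  rc=0
  out=$("$LDAPSEARCH" "$@" -b "$base" -s sub -z 1 -LLL \
        '(objectClass=*)' 1.1 2>/dev/null) || rc=$?
  case $rc in 0|4) ;; *) exit 1 ;; esac
  # A bind that succeeds but returns no entry means the account cannot see this subtree.
  printf '%s\n' "$out" | grep -q '^dn:'
)

# verify_access HOST PORT SSL(yes|no) BINDDN PWFILE BASE_DN...
# Checks every base DN the data source's queries search, not only the root.
verify_access() (
  uri=$(ldap_uri "$1" "$2" "$3") || exit 2
  binddn=$4; pwfile=$5; shift 5
  failed=0
  for base in "$@"; do
    if can_read "$uri" "$binddn" "$pwfile" "$base"; then echo "OK    $base"
    else echo "FAIL  $base"; failed=1; fi
  done
  exit "$failed"
)

# Run only when called with a full argument list (values are placeholders):
#   sh check.sh ldap.example.test 636 yes "cn=smg,dc=example,dc=test" pw.txt \
#      "ou=People,dc=example,dc=test" "ou=Groups,dc=example,dc=test"
if [ "$#" -ge 6 ]; then verify_access "$@"; fi
```

Pass an empty string for the bind DN to test anonymous access, which is the case the note above singles out.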
Imported Document ID: HOWTO53676