The Add Directory Data Source wizard guides you through the tasks necessary to create and configure new data sources. The first step in this process is to configure the LDAP server that provides data for your directory source.
For authentication, address resolution, or routing data sources, the results that are returned must be unique. Therefore, you cannot have identical or overlapping data sources, that is, two data sources that can potentially return the same result. If the Directory data integrity errors alert is configured on the Alerts page, that alert is triggered when this condition is detected.
When the directory data service cannot properly communicate with an LDAP server (for example, if the network link to the LDAP server is down or when a data integrity problem is encountered), message processing and user authentication can be affected.
On the Directory Integration Settings - Directory Data Sources page, click Add.
The LDAP Server Configuration page appears.
In the Data source name field, provide a unique name for the data source.
Select the Directory type that your LDAP source uses. Available choices are as follows:
Active Directory Global Catalog
iPlanet/Sun ONE/Java Directory Server
Other (can be any LDAPv3 compliant directory)
Though Symantec Messaging Gateway is compatible with any LDAPv3 directory, it is specifically designed to support configurations with the four specific directory types listed. If you select "other" for your directory type, you might need to consult your directory documentation to ensure proper functionality.
In the Host name field, type the host name or IP address of the LDAP server.
The Port is used to access the LDAP server. The port is automatically populated based on your directory type and SSL settings but can be modified by typing a new value into this field.
Check Enable SSL if you want to enable SSL on all connections to the LDAP server host. Encryption is provided regardless of the certificate authority that is used to sign the LDAP server X.509 certificate. If you change this checkbox, the port is automatically updated to the default port for your directory type. Confirm the port if you modify this setting.
Check Anonymous bind if you want to let the directory data service connect to the LDAP server without providing specific user ID and password information. Or check Use the following to provide the directory data service with specific authentication credentials.
If you checked Use the following, provide the bind credentials in the following fields:
Name (Bind DN): The distinguished name (DN) that is used for authenticating to the LDAP server. For an Active Directory or Global Catalog server, you can optionally use the full DN, the NetBIOS and logon name (NetBIOS\SAM Account Name), or the User Principal Name.
Password: The password to be used to authenticate to the LDAP server.
Click Test login to validate your authentication to the LDAP server.
This test only verifies that the LDAP server can be reached and that the account has read access to the root of the directory data tree on a directory server. Therefore, a successful test result does not guarantee that the credentials can succeed elsewhere in the directory. This is particularly true for anonymous access. You should verify access before deployment by using the Test Query function when configuring individual functions for your data source.
Click Show Advanced Settings if you want to configure optional LDAP server and cache settings.
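The Test login note above says that a successful test covers only the root of the directory tree, so access to the subtrees that your functions will query can also be checked from a command line before deployment. The following is an added example, not part of the product or its documentation: it assumes the OpenLDAP ldapsearch client, and LDAP_URI, BIND_DN, BIND_PW_FILE and the function names are placeholders introduced here.

```shell
# Added example (not product code). Assumes the OpenLDAP ldapsearch client.
# LDAP_URI, BIND_DN and BIND_PW_FILE are placeholders that you set; leave
# BIND_DN empty to test anonymous bind. ldapsearch -y uses the complete file
# contents as the password, so write the file without a trailing newline.
LDAPSEARCH=${LDAPSEARCH:-ldapsearch}

# check_subtree BASE_DN: print a verdict; return 0 only if an entry is readable.
check_subtree() {
    base=$1
    if [ -n "${BIND_DN:-}" ]; then
        set -- -D "$BIND_DN" -y "$BIND_PW_FILE"
    else
        set --
    fi
    rc=0
    out=$("$LDAPSEARCH" -x -LLL -H "$LDAP_URI" "$@" \
        -b "$base" -s one -z 1 '(objectClass=*)' dn 2>/dev/null) || rc=$?
    case $rc in
        0|4)  # 4 = sizeLimitExceeded, expected because -z 1 caps the result
            if printf '%s\n' "$out" | grep -qi '^dn:'; then
                echo readable; return 0
            fi
            # Success with no entries: empty container, or ACLs hide the entries.
            echo empty-or-hidden; return 1 ;;
        32) echo no-such-object; return 1 ;;
        49) echo bad-credentials; return 1 ;;
        50) echo access-denied; return 1 ;;
        *)  echo "error-$rc"; return 1 ;;
    esac
}

# check_all BASE_DN...: one "verdict<TAB>dn" line each; returns the failure count.
check_all() {
    failed=0
    for dn in "$@"; do
        verdict=$(check_subtree "$dn") || failed=$((failed + 1))
        printf '%s\t%s\n' "$verdict" "$dn"
    done
    return "$failed"
}
```

Call check_all with the base DNs that your functions will query, for example check_all "ou=People,dc=example,dc=com" (a constructed DN). An empty-or-hidden verdict deserves a second look, because a server can answer a search successfully while its access controls hide every entry from the bind account.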