If you remove a function from a data source by disabling the function for that source, settings and query configuration information for that source are not saved. This information must be reconfigured if the function is enabled in the future.
Provide an email address that can be used to test and validate your address resolution configuration.
Click to test and validate the defined address resolution query using the provided test email address.
This test reports all email addresses, distribution list memberships, and directory group memberships that are associated with the test email address. This test is conducted against the directory data service instance that is running on the Control Center host. It cannot be used to verify connectivity from attached scanners to your LDAP server.
If your query is successful, you can click the icon next to the Test Query option to display all query results. This test reports all email addresses and user preferences that are associated with the test email address. If the recipient is a distribution list, this information is provided for all users associated with that distribution list.
Test results reflect only the data source being tested. It does not provide information about the effects of other data sources or system settings such aliasing and masquerading.
Click to view or customize the default address resolution query. Create a custom query to change scope and support custom directory schemas.
Specify the name for the place in the directory from which to start searching for entries to authenticate.
A default value is provided, select "Customize" to provide your own values in the Custom query start field.
Custom query start
If you select "Customize" for the Base DN field, provide a Custom query start.
You can customize the base DN to refocus the search to a specific part of the directory tree. Custom query start lets you configure the query to fit your particular needs and return data more quickly.
The query filter instructs the directory data service to return data using attributes and tokens that describe a specific LDAP query syntax.
Primary email attribute
Specify the attribute in your LDAP schema that is used to store the primary email address information.
If you specify a primary email attribute of "proxyAddresses," the directory data service automatically identifies the attribute value that is prepended with "SMTP" as the address. You do not need to specify this prefix in the Primary email attribute field.
Email alias attribute (optional)
Specify the attribute in your LDAP schema that is used to store the email alias address information.
Distribution list object classes
List the object classes in your LDAP schema to be used to identify distribution list entries.
Child membership attributes
Provide the names of the attribute in your schema, separated by semicolons, that are used to define members of a group.
If you do not provide a child membership attribute, distribution lists and groups are not expanded. This can create a performance benefit. It also means, however, that policies can only be applied to the email address of the recipient since LDAP group membership are not evaluated. Indirect policy groups through email aliases are still honored.
Click to hide the custom query fields.
Click to remove your edits to the query configuration fields and replace them with the default values.
Click to test and validate the group listing query using the provided test information.
This test is conducted against the directory data service instance that is running on the Control Center host. It does not verify connectivity from attached scanners to your LDAP server.
Test results reflect only the data source tested.
Click to create a custom group listing query.
Create a custom query to change scope and support custom directory schemas.