Messaging Gateway

Dear all,

I have some problem with LDAP Synchroization. My Customer used Bynari to be mail server and he want to sync LDAP but the Directory Type in the SBG web console doesn't have bynari type. what should I do?

I appreciate all your help and suggestions

Hi,

Only a limited number of directories are supported for Synchronization you can find details in the product manuals, however Bynari isn't one of them.  Exactly what LDAP functionality are you looking for?  Most LDAP functionality doesn't actually require LDAP Sync.  The functionality you lose with a directory that doesn't support LDAP Sync is:

- The ability to create group policies based on LDAP groups

- The ability for end users to create their own Allowed/Blocked lists from quarantine

- The ability to silenty drop messages to invalid recipients

Without LDAP Sync, you will still be able to do the following:

- Give end user access to quarantine(LDAP Authentication source)

- Reject messages to invalid recipients at connection time(Recipient Validation source)

- Auto alias or route messages via LDAP attributes(LDAP Routing source)

- Directory Harvest Attack(in conjunction with Recipient Validation source)

Kevin

Thanks for suggestions Kevin

I already set LDAP completed, but when I tried to access to the quarantine mail by user in bynari mail.
I could not access.

Sounds like you probably have the LDAP Authentication source set up incorrectly, if you pasted up an example of one of your ldif records and a screen grab of your LDAP Authentication settings we can try to help.

Kevin

http://imagehost.thaibuzz.com/ib/bldap.jpg

This my LDAP setting screen

I think the LDAP server details look okay.  Is your test login working okay?  I would probaly put in the full DN of the user you are going to bind with, eg.'cn=manager,dc=example,dc=com'.

For the Authentications Query Details, you should really be specifying a Base DN here.  If you can give the ldif extract of a typical user I can help with all the details here.  If you install a tool like Softerra LDAP browser you can look at a users ldif record and take another screen grab.

Kevin

Actually what get's returned when you test the login query?

Kevin

Might wanna check that end user settings have been enabled.

You can find it under Administration -> Groups Settings -> End Users

Actually End User settings will only work if LDAP Authetication and LDAP Synchronization are enabled.  As the directory in question isn't supported by LDAP Sync end user settings won't be available.

One thing to point out though, after LDAP Authentication is configured correctly, the Administrator-only quarantine option needs to be unchecked on the Spam -> Settings -> Quarantine Settings page before end users will be able to login.

Kevin

Thank you for any suggestions.

It works now !!!

Great news Chai, can you let us know what you needed to do to get things working?

Kevin

Dear all

I just unchecked that you adviced me " Administrator-only " in quarantine setting after that I reboot appliance. And It can work. :)

Thanks Chai,

Will you mark the thread as solved.

Cheers,

Kevin