02-15-2023 11:42 PM - edited 02-15-2023 11:43 PM
Hello,
I am in the process of implementing recipient validation via LDAP (AD) on the Cisco ESA running version 14.0.2-020. The setup has two ESAs in high availability in machine mode.
I have followed the below documentation, and all the testing, like Server connection on port 3268 and LDAP query, is successful.
But, on enabling the LDAP ACCEPT query under the listener, I do not see the ESA triggering an LDAP query to the AD when I debug the mail_logs. I have cleared the LDAP cache as well, just in case. Please see the logs attached.
Further, I have enabled the LDAP logs in the Log subscription as well.
I don't see that I am missing any configuration steps, and I am not aware of any steps related to mail policy that I need to enable. Further, the RAT table has the recipient domain included.
Thanks
Aamir
02-20-2023 03:51 AM
Hello,
The configuration was correct. The reason the logs were not seen was that the mail_logs logging level was set to Info and the LDAP log level is debug, as shown below:
Mon Feb 20 13:47:32 2023 Debug: LDAP: (accept) Query (|(mail=Ccie@xx.xxx.xx)(proxyAddresses=smtp:Ccie@xx.xxx.xx)) to server ESA-LDAP (xx.xxx.xx)
Mon Feb 20 13:47:32 2023 Debug: LDAP: (accept) Query (|(mail=Ccie@xx.xxx.xx)(proxyAddresses=smtp:Ccie@xx.xxx.xx)) lookup success, (xx.xxx.xx) returned 0 results
Mon Feb 20 13:47:32 2023 Info: MID 74642 ICID 210976 To: <Ccie@xx.xxx.xx> Rejected by LDAPACCEPT
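An added example, not part of the original posts: a small parser that pairs each "Rejected by LDAPACCEPT" line with the Debug-level query result logged before it, so rejections with no visible query (the Info-level symptom described in this thread) stand out. The sample lines are constructed in the format quoted above; the addresses, the server IP and the second rejection are placeholders.

```python
import re

# Constructed sample in the format of the log lines quoted in this thread.
# Addresses, server IP and the second rejection are placeholders.
SAMPLE = """\
Mon Feb 20 13:47:32 2023 Debug: LDAP: (accept) Query (|(mail=user1@example.com)(proxyAddresses=smtp:user1@example.com)) to server ESA-LDAP (192.0.2.10)
Mon Feb 20 13:47:32 2023 Debug: LDAP: (accept) Query (|(mail=user1@example.com)(proxyAddresses=smtp:user1@example.com)) lookup success, (192.0.2.10) returned 0 results
Mon Feb 20 13:47:32 2023 Info: MID 74642 ICID 210976 To: <user1@example.com> Rejected by LDAPACCEPT
Mon Feb 20 13:48:05 2023 Info: MID 74643 ICID 210977 To: <user2@example.com> Rejected by LDAPACCEPT
"""

# "<weekday> <month> <day> <time> <year> <Level>: <message>"
LINE = re.compile(r"^\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4} (?P<level>\w+): (?P<msg>.*)$")
RESULT = re.compile(r"LDAP: \(accept\) Query \(\|\(mail=(?P<rcpt>[^)]+)\).*returned (?P<n>\d+) results")
REJECT = re.compile(r"MID (?P<mid>\d+) ICID (?P<icid>\d+) To: <(?P<rcpt>[^>]+)> Rejected by LDAPACCEPT")


def correlate(text):
    """Pair each LDAPACCEPT rejection with the Debug query result seen before it."""
    results = {}  # recipient (lowercased) -> result count from the latest Debug line
    out = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        msg = m["msg"]
        if m["level"] == "Debug" and (r := RESULT.search(msg)):
            results[r["rcpt"].lower()] = int(r["n"])
        elif (j := REJECT.search(msg)):
            rcpt = j["rcpt"].lower()
            out.append({
                "mid": int(j["mid"]),
                "rcpt": rcpt,
                # None: no Debug query line was logged for this recipient,
                # which is how the log looks when the level is Info.
                "ldap_results": results.pop(rcpt, None),
            })
    return out


if __name__ == "__main__":
    for row in correlate(SAMPLE):
        print(row)
```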