Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
733
Views
0
Helpful
1
Replies

Cisco ESA not querying LDAP server when enabled

Go to solution
aamir.aleem
Level 1
Level 1

‎02-15-2023 11:42 PM - edited ‎02-15-2023 11:43 PM

Hello,

I am in the process of implementing recipient validation via LDAP(AD) on the Cisco ESA running version 14.0.2-020. The setup has two ESA's in high availability in machine mode.

I have followed the below documentation and all the testing like Server connection on port 3268 and LDAP query is successful.

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118218-configure-esa-00.html

But, on enabling the LDAP ACCEPT query under the listener, I do not see the ESA triggering a LDAP query to the AD when i debug the mail_logs. I have cleared the ldap cache as well, just in case. Please see the logs attached.

Further, I have enabled the LDAP logs in the Log subscription as well.

I don't see I am missing any configuration steps and I am not aware of any steps related to mail policy that I need to enable. Further, RAT table has the recipient domain included.

 

 

Thanks

Aamir

Labels:
Preview file
2 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
aamir.aleem
Level 1
Level 1

‎02-20-2023 03:51 AM

Hello,

The configuration was correct. The reason the logs were not seen was due to the mail_logs logging level was set to Info and the ldap log level is debug, as shown below:

Mon Feb 20 13:47:32 2023 Debug: LDAP: (accept) Query (|(mail=Ccie@xx.xxx.xx)(proxyAddresses=smtp:Ccie@xx.xxx.xx)) to server ESA-LDAP (xx.xxx.xx)

Mon Feb 20 13:47:32 2023 Debug: LDAP: (accept) Query (|(mail=Ccie@xx.xxx.xx)(proxyAddresses=smtp:Ccie@xx.xxx.xx)) lookup success, (xx.xxx.xx) returned 0 results
Mon Feb 20 13:47:32 2023 Info: MID 74642 ICID 210976 To: <Ccie@xx.xxx.xx> Rejected by LDAPACCEPT

 

View solution in original post

0 Helpful
1 Reply 1

Go to solution
aamir.aleem
Level 1
Level 1

‎02-20-2023 03:51 AM

Hello,

The configuration was correct. The reason the logs were not seen was due to the mail_logs logging level was set to Info and the ldap log level is debug, as shown below:

Mon Feb 20 13:47:32 2023 Debug: LDAP: (accept) Query (|(mail=Ccie@xx.xxx.xx)(proxyAddresses=smtp:Ccie@xx.xxx.xx)) to server ESA-LDAP (xx.xxx.xx)

Mon Feb 20 13:47:32 2023 Debug: LDAP: (accept) Query (|(mail=Ccie@xx.xxx.xx)(proxyAddresses=smtp:Ccie@xx.xxx.xx)) lookup success, (xx.xxx.xx) returned 0 results
Mon Feb 20 13:47:32 2023 Info: MID 74642 ICID 210976 To: <Ccie@xx.xxx.xx> Rejected by LDAPACCEPT

 

0 Helpful
Customers Also Viewed These Support Documents