Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1125
Views
0
Helpful
3
Replies

removing user from incomming and outgoing email policys in c360

LithiumKid1976
Level 1
Level 1

‎12-20-2012 05:29 AM

Hi

In out Cisco iron port(c360) email security policy, there is an incoming and outgoing policy’s set up, which all users (2 thousand or so) are included in, until they have been approved to receiving incoming, and to be able to send emails externally.

Once they have approval, we have to manually go in to the incoming and outgoing policy, and remove the user from the policys.

This takes forever(to locate the user, remove them from the list, then submit it, and repeat for the outgoing policy), and if you a lot of users to do, it can break your heart, its so slow and tedious.

I’m sure there must be a better way of doing this, but this is how it was set up by a previous admin.

Is there a easier way to take a user out of a policy.?

Im looking at a list of 500 or so users that have to be taking out of both policy’s, and am not looking forward to doing it……

Labels:
0 Helpful
3 Replies 3

Ken Stieers
VIP
VIP

‎12-20-2012 08:50 AM

So, are you using their policy membership to say "user is allowed to send/receive" internet email?

There ARE easier ways to do this...

You could could use group query's against an LDAP, and then manage the group THERE.

What email system are you using?

0 Helpful

LithiumKid1976
Level 1
Level 1
In response to Ken Stieers

‎12-21-2012 01:39 AM

hi ken

thanks for the reply.

when a user is created, they are added to 2 policys, one for "blocked outbound mail" and one for "blocked inbound mail"

(policys are located under "mail policys, incomming mail policys"), and you have a list of current users for that policy.

we then have to find the user and "remove", then commit the changes. and it takes a long time to narrow down the user etc.

we are using lotus notes 8.5 as the mail server, and it doesnt look like LDAP is configured on ironport...

cheers

0 Helpful

Ken Stieers
VIP
VIP
In response to LithiumKid1976

‎12-21-2012 01:27 PM

I'm going to assume you have an Active Directory and tha Notes updates AD with users email addresses. If it doesn't Id suspect that Notes has an LDAP interface...

1 create a service account that is just a member of Domain Users
2 create an AD group for your blocked users.
3 Go to System Administation/LDAP and set up a connection to your AD boxes using the account in step 1
4 set up a group query and test it for your group
5 update the policies to use the group query instead of the list of addresses.

It might be easier to create a new policy, then nuke the old one. Either way you can add/remove the user using tools that wont drive you crazy.

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents