ldap.conf
Previous  Top  Next

The ldap.conf file is only used if you are using LDAP/Active Directory Authentication.

The ldap.conf file is necessary to use LDAP/Active Directory Authentication.

Create the ldap.conf file if you want to specify which groups can use Spam Sleuth Enterprise

Start by specifying the LDAP server and group to User Type mapping. This line specifies the rights that users will have when using Spam Sleuth Enterprise based on the LDAP/Active Directory groups they belong to.

<active directory domain>:<Active Directory Group>=<user type>

Example:
myactivedirectoryserver.com:EMailUsers=2

Then specify the domains that will use LDAP/Active Directory. If your e-mail domain is the same as your LDAP/Active Directory domain, they might be the same (see second example).

<@domain>=<active directory domain>

Example:

@myemaildomain.com=myactivedirectoryserver.com

or
@mydomain.com=mydomain.com

Then specify the alias domains:

<@alias domain>=<@domain>

Example:
@mydomain.com=@maindomain.com

Then specify the alias users. The users do not need to be specified, as they will come from the LDAP/Active Directory Server. The alias can be just a user (first example), or fully qualified (second example). If the alias is not fully qualified with a domain, then the alias will exist for all domains you've specified above.

<username>=<fully qualified e-mail>

Example:
sales=joe@mydomain.com
or
sales@mydomain.com=joe@mydomain.com

Sample File:
abccompany.local:Domain Admins=1
abccompany.local:SpamSleuthUsers=2
abccompany.local:Secretary Group=2
abccompany.local:Telemarketers=5
@abccompany.com=abccompany.local
@defcompany.com=defcompany.local
@aliascompany.com=@abccompany.com
sales=jim@abccompany.com
info@abccompany.com=jim@abccompany.com

Let's say jim is a member of the SpamSleuthUsers domain in the abccompany.local domain, he will have an e-mail account jim@abccompany.com, and another e-mail account as jim@defcompany.com. Also, he will have an alias account jim@aliascompany.com which is accepted by Spam Sleuth Enterprise and sent to jim@abccompany.com. Also, any e-mail sent to sales@abccompany.com, sales@defcompany.com, or sales@aliascompany.com will go to jim@abccompany.com. Any e-mail for info@abccompany.com will go to jim@abccompany.com.

This is a fairly complex example intended to show the power and flexibility of the system and to show the various types of aliases, and users.


Using the sample file above, any member of the "Domain Admins" group in the abccompany.com domain will be a Master User, any member of "Spam Sleuth Users" will be a Regular User, any member of the "Secretary Group" will also be added as a Regular User, and any member of "Telemarketers" will be a No Spam View, No UnSpam allowed user. See accounts.conf for the User Types.

Using the ldap.conf file allows you to user your LDAP, or Active Directory to add users. By adding users to groups, you determine what rights they have in Spam Sleuth Enterprise. If you already have groups of users, just add the groups to the ldap.conf file.

If a user is a member of more than one group, then they will be added as the most powerful user type. The User Type order is 1, 2, 3, 5, 4, 0, 9. See accounts.conf for the User Types.

IMPORTANT ORDERING - General rule: Must appear on left-side before appearing on right-side of equal sign
·Domain:Group=Type lines must be first  
·EMail Domain=LDAP/Active Directory domain must be next  
·EMail Domain Alias=EMail Domain must be next  
·Alias users must be last