Announcement

Collapse
No announcement yet.

Enable LDAP for 3rd party filtering

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Enable LDAP for 3rd party filtering

    I want to use Mailwise for email scrubbing and want to enable the LDAP option which will allow for auto configuration of the users.

    Exchange 2007 Std on Server 2003 Std.

    I have poked a hole in the firewall for LDAP (389) and the request still times out. Is there a setting on the Exchange server that I need to enable?

    I have read that you don't have to point to the Exchange server because it uses AD for LDAP queries. Do I have to enable access to a DC to make this work?
    Thank you,

    Marc

  • #2
    Re: Enable LDAP for 3rd party filtering

    Where did you open the port to? Exchange or a DC?
    If you are pointing it at a DC then make sure it is a global catalog.

    However are you authenticating the session? If not then that could be your problem. Anonymous access to LDAP is disabled by default in Windows 2003 and higher.

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: Enable LDAP for 3rd party filtering

      Originally posted by Sembee View Post
      Where did you open the port to? Exchange or a DC?
      If you are pointing it at a DC then make sure it is a global catalog.

      However are you authenticating the session? If not then that could be your problem. Anonymous access to LDAP is disabled by default in Windows 2003 and higher.

      Simon.
      I am pointing it to the only Exchange server. Mailwise allows for a username and password for authentication (I am using the administrator account)

      Do I have to NAT a GC to the outside world?
      Thank you,

      Marc

      Comment


      • #4
        Re: Enable LDAP for 3rd party filtering

        I am pretty sure that Exchange doesn't have LDAP, it is the domain controllers that do that. Or put it this way - I have always pointed LDAP to domain controllers.

        LDAP to the DC will have to be accessed, but do restrict it as that is opening up quite a bit of the domain.

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: Enable LDAP for 3rd party filtering

          Thank you Simon. I have pointed it to my AD server and can bind to it but get a

          ldap_operations_error

          Seen this before?
          Thank you,

          Marc

          Comment


          • #6
            Re: Enable LDAP for 3rd party filtering

            That could mean anything.
            I know from previous experience with other third party products that getting the LDAP query in the right format was important.

            Have you tested LDAP from outside with an LDAP client? There is LDP in the Windows Support tools which should work.

            Simon.
            --
            Simon Butler
            Exchange MVP

            Blog: http://blog.sembee.co.uk/
            More Exchange Content: http://exchange.sembee.info/
            Exchange Resources List: http://exbpa.com/
            In the UK? Hire me: http://www.sembee.co.uk/

            Sembee is a registered trademark, used here with permission.

            Comment


            • #7
              Re: Enable LDAP for 3rd party filtering

              I figured it out. It was the base DN. I was using o=domain.com and it didn't like it. It wanted DC=domain,DC=com

              And I ended up pointing it to the DC.

              Thanks for your help Simon.
              Thank you,

              Marc

              Comment

              Working...
              X