If required, an authorization control can be activated which, depending on the selected sender mailbox, allows or disables the use of the SEPPmail Secure E-Mail Gateway encryption functions.
For this purpose, the entry of additional registry keys is required. This defines the connection to and query in LDAP, as shown in the following table
Name |
Type REG_ |
Data (Example) |
Description |
||
|---|---|---|---|---|---|
LDAPPermissionCheckActive |
DWORD |
0/1 |
Controls whether the permission check is activated in general. |
||
LDAPServerAddress |
SZ |
myldap.local |
Address of the LDAP server |
||
LDAPUsername |
SZ |
tech_ldap |
User that is authorised to query the LDAP. If there is no entry, the currently logged-in user is used. |
||
LDAPPassword |
SZ |
password |
Password of the user. If there is no entry, the password of the currently logged-in user is used. |
||
LDAPAuthenticationTypes |
SZ |
secure fast bind |
Authentication method to use for the LDAP login. Multiple values can be indicated, separated by commas. Possible values can be found under AuthenticationTypes Enumeration . If the entry does not exist or is empty, NTLM is used as the authentication method (secure). |
||
LDAPOrganizationalUnit |
SZ |
OU=Users, DC=test, DC=server, DC=tld |
LDAP search path in which the user objects are located.
|
||
LDAPQuery |
SZ |
(&(mail={0})(SEPPmailPermission=*)) |
LDAP query. In the example, using the sender email address "&(mail={0})" (where {0} is replaced by this address in the search query) in the search path (see "Name LDAPOrganizationalUnit"), the corresponding user object is queried in LDAP. With "(SEPPmailPermission=*)", the attribute "SEPPmailPermission" is queried in the corresponding user object. With "(!(SEPPmailPermission=\00))" it is specified that if the value is present, it must not be empty in order to receive a positive return value (if applicable, see also Searching for Empty Attribute Values).
|
