Overview

If you maintain end-user passphrases and email aliases in a corporate LDAP directory — for example, in Microsoft Active Directory, SunONE Directory Server, or OpenLDAP directories — you can use the LDAP directory to authenticate the following users:

• End users and administrative users who access the spam quarantine.

  When a user logs in to the web UI for the spam quarantine, the LDAP server validates the login name and passphrase, and AsyncOS retrieves a list of the corresponding email aliases. Quarantined messages sent to any of the user's email aliases can appear in the spam quarantine, as long as the appliance does not rewrite them.

  See Configuring LDAP to Work with the Spam Quarantine.

• Administrative users who sign in to the Cisco Secure Email and Web Manager appliance when External Authentication is enabled and configured.

  See Configuring External Authentication of Administrative Users Using LDAP.