Knowledgebase
Problems Authenticating with McAfee SaaS LDAP
Posted by on 10 June 2014 10:14 AM
Problems Authenticating with McAfee SaaS LDAP
Question:

I have local and/or multiple domains listed in my Active Directory.  Can I still use the McAfee SaaS LDAP Authentication?
Answer:

 

Customers who define multiple domains or use an internal domain name such as local.domain.com as the DNS domain for the root domain within their Active Directory will not be able to use the McAfee SaaS LDAP Authentication with the default settings.

 

This is because the mail attribute for their users has a domain name that does not match what is set up for the customer in the Control Console.

 

The solution is to point LDAP Authentication at a different attribute, usually proxyAddresses.

 

The proxyAddresses attribute will contain all of the e-mail addresses for the user, and should contain at least one address recognized by McAfee SaaS.

  1. Set up LDAP Authentication as normal
  2. Select the Enable Advanced Settings check box
  3. In the Email Attribute box, enter proxyAddresses (NOTE – this is case sensitive)
  4. In the Search Filter box, enter (proxyAddresses=smtp:$user_login) (NOTE – this is case sensitive)
  5. Click Test LDAP to confirm the settings
  6. Once the test succeeds, click Save

 


ERROR: This domain name does not match domain registered in the license key file (cms.orlinpilot.com), allowed domains: support.excelmicro.com, please change the product path to match the domain under Admin CP > Settings > General Settings
This product will not work properly unless untill that value is changed.

For more information please contact Kayako support at https://my.kayako.com