tmcclendon

LDAP / Symantec Hosted Email / Active Directory

I'm attempting to set up an LDAP connection between my Active Directory Server and Symantec Hosted Spam Email solution. I can see the LDAP connection being made to the external port of my ISA server but that's it. The connection is made and then ended. I have verified that I connect with LDAP from the internal port on my ISA server to Active Directory. It's almost as if ISA isn't processing the request. I do have a rule set up to allow LDAP. When the rule is disabled I get a denied entry; when the entry is enabled, that's when I get a connection on the external port and then a disconnect. Any help would be greatly appreciated.
Microsoft Forefront ISA Server, Windows Networking, Software Firewalls

Keith Alabaster

ISA is an intelligent product - it likely knows that you have a Symantec product......

Have you enabled the ISA System Policy as well as the firewall policy?
How are you provisioning the LDAP query - through a publishing rule?
Have you got ISA2006 sp1 installed?
tmcclendon

ASKER

Greetings

have you enabled the ISA System Policy as well as the firewall policy?
          I have a firewall rule to accept LDAP from external, internal, and local host and to external, internal, and local.  The LDAP Addin is enabled.  Not sure about the system policy.
How are you provisioning the ldap query - through a publishing rule?
          Not quite sure what you are asking.  
Have you got ISA2006 sp1 installed?
          Yes SP1 is installed

Keith Alabaster

OK, the system policy is an additional set of rules that dictate how ISA will deal with certain conditions.

You can see and edit the System Policy rules from the menu on the right-hand side of the screen (in the toolbox) when you view the firewall policy rules.

How are you allowing LDAP queries through ISA? From internal to external OR external to internal? If external to internal, are you using a publishing rule or an access rule?


tmcclendon

ASKER

I have the standard system policy that allows LDAP from local host to internal for all users.  I've made no changes or additions to this.  

I think my problem is that I'm allowing the LDAP queries.  I only created an access rule configured as follows:
Allow LDAP port 389
from: external, internal, local host
to: external, internal, local host
all users

Do I need a web listener for LDAP or use a different publishing method?
ASKER CERTIFIED SOLUTION
Keith Alabaster
tmcclendon

ASKER

Excellent, thank you for keeping me on the right track.  I published a non-web server rule and this corrected the problem with LDAP passing through.  I had created one before but because of another issue it was failing.  I had another issue in which I wasn't using the right syntax when trying to authenticate LDAP services between Symantec and my Active Directory.  I assumed all the problems were ISA related.  Thanks for your help.

You are more than welcome. :)

Keith