We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

LDAP User Include/Exclude Rules

  • Last updated on

This article refers to Barracuda Message Archiver firmware version 5.0 or higher.

When adding LDAP users and LDAP groups to the Barracuda Message Archiver through the USERS > LDAP Users Add/Update page, inclusion/exclusion rules are analogous to whitelist/blocklist.

When a configured user runs a search on the BASIC > Search page, the following whitelist/blocklist rules are in place:

  • Mail for addresses added to the Exclude these Addresses blacklist are NOT displayed unless the mail includes the user performing the search to assure that a user can always see their own mail.
  • The Exclude these Addresses blacklist always takes precedence; addresses added to the Include these Addresses whitelist are searchable unless the Exclude these Addresses blacklist blocks the mail.
  • Because a user with the Admin or Auditor role can by default view all mail, users set to these roles can only edit their Exclude these Addresses list.
  • If a user is not configured and is a member of a group, then the blacklist/whitelist rules assigned to that group apply to that user. Additionally, if the unconfigured user is a member of multiple groups, then the privileges for all of those groups are merged and that user is assigned the least privileged role of those groups. This allows the Admin to apply blacklist/whitelist rules to all users of a distribution group.

Exclude these Addresses
A user cannot run a Search As User Search on the BASIC > Search page on a user that is on their Exclude these Addresses Exclusion Rules blacklist.

Example Inclusion/Exclusion Rules

The following examples illustrates the inclusion/exclusion rules:

  • Example 1 – If Brian is not individually configured but is a member of the distribution group HR, then the Admin can set the blacklist/whitelist rules for the group HR, and Brian will use these settings when searching mail rather than seeing only his own mail.
  • Example 2 – If Josh is not individually configured but is a member of the distribution group HR which has an Auditor role, and Josh is also a member of the group Employees which has a User role, Josh has only the User role privileges when running a search.

 

Last updated on