We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

LDAP/AD Configuration Manager

  • Last updated on

Use the LDAP Configuration Manager to customize your LDAP or Active Directory data import into a Barracuda PhishLine address book.

Using this tool is optional. It is not required for importing data into a Barracuda PhishLine address book. Refer to How to Create an Address Book for:

  • basic information on importing address book data
  • a standard list of LDAP column attributes pulled for import
Note for Azure AD Users

The instructions in this article are for on-premises Active Directory. 

To set up Barracuda PhishLine using Azure Directory, you must configure Azure AD Domain Services. Refer to the following links for details:

 

Creating a New Configuration

To use LDAP/AD Configuration Manager:

  1. From the System menu, select LDAP/AD Configuration Manager.
  2. Click New.
  3. Enter the Configuration Name for the data source.
  4. Specify the User Name. If you do not know the full User Name, use a tool like dsquery to find it.
  5. The password for your LDAP user. It is not displayed here for security reasons. If you are not changing the password, leave this field empty. To change the password, enter the new password here. When you click Save, if a password has been entered, it will update in your LDAP/AD configuration record.

  6. Specify the address of the LDAP server in the form shown in this example:
    ldap.barracuda.com
  7. Specify the Port. The port is usually 636, unless you have permission to use a different port. See more about this port below in the "Configuring Access to your Firewall" section.
  8. Specify the Method. Choose the more secure LDAPS, unless you have a specific need to use the less secure LDAP.
  9. Specify the Distinguished Name, separating the standard sections with commas, as shown in this example:
    ou=Users,ou=longnamehere,dc=barracuda,dc=com
  10. If there are only certain parts of your data source that you want to import, specify a Search Filter. Note that your syntax must be exactly correct.
    If you leave this field blank, the default is objectClass="*".
    See the section below for additional information about search filters.
  11. In the Email Black List, specify any emails you know you will never be a part of a campaign. For example, you might enter emails for the head of your organization, your support center email, or other.
Editing an Existing Configuration

To edit an existing LDAP configuration:

  1. From the System menu, select LDAP/AD Configuration Manager.
  2. Locate the configuration you want to change and click the edit pencil icon editButton.png. Continue with the steps described above.

Importing the Data

After you have created your configuration, import the data into a Barracuda PhishLine address book. Refer to How to Create an Address Book for details – including a standard list of LDAP column attributes pulled for import.

Configuring Access to your Firewall

Configure your firewall to allow access from the following IP addresses to the port you specified in the LDAP/AD Configuration Manager, described above in Step 7.

  • 64.132.201.82
  • 74.203.211.2
  • 207.67.44.178

Search Filters

Create a Search Filter to locate just the records you want to import.

The following example can help you to consider the factors involved in creating a Search Filter.

(&(|(mail=*yourcompany.com)(mail=*yourothercompanydomain.com))(objectCategory=person)(objectclass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

The Search Filter above returns records that:

  • Have EITHER an email address @yourcompany.com, OR at yourothercompanydomain.com
  • AND the record is classified a Person (as opposed to a group, list, etc.)
  • AND the record is classified as a User
  • AND the userAccountControl number indicates the account is not disabled.

This article from Microsoft is a helpful resource for creating Search Filters.

Last updated on