How to configure the LDAP Lookup Plug-In within Symantec DLP
To implement an LDAP Lookup Plug-In
1. Create the following custom attributes at System > Attributes > Custom Attributes:
   - LDAP givenName
   - LDAP telephoneNumber
2. Create a directory connection for the Active Directory server at System > Settings > Directory Connections. For example:
   - Hostname: enforce.dlp.company.com
   - Port: 389
   - Base DN: dc=enforce,dc=dlp,dc=com
   - Encryption: None
   - Authentication: Authenticated
   - username: userName
   - password: password
3. Test the connection. The system indicates if the connection is successful.
4. Create a new LDAP plug-in at System > Lookup Plugins > New Plugin > LDAP.
   - Name: LDAP Lookup Plug-in
   - Description: Description for the LDAP Plug-in.
5. Select the directory connection created in Step 2.
6. Map the attributes to LDAP metadata.
   attr.LDAP givenName = cn=users:(|(givenName=$endpoint-user-name$)(mail=$sender-email$) (streetAddress=$discoverserver$)):givenName
   attr.LDAP telephoneNumber = cn=users:(|(givenName=$endpoint-user-name$)(mail=$sender-email$) (streetAddress=$discoverserver$)):telephoneNumber
7. Save the plug-in. Verify that the correct save message for the plug-in is displayed.
8. Enable the following keys at the System > Lookup Plugins > Lookup Parameters page:
   - Incident
   - Message
   - Sender
9. Create an incident that generates one of the lookup parameters. For example, an email incident exposes the sender-email attribute. There must be some corresponding information in the Active Directory server.
10. Open the Incident Snapshot for the incident.
11. Click the Lookup button and verify that the custom attributes created in Step 1 are populated in the right panel.
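
The attribute mappings above each name a custom attribute, a search base, a filter containing $...$ lookup parameters, and the LDAP attribute to read. The following Python is an added example, not Symantec code, that expands those two mapping lines into the search base and filter they describe for a constructed email incident. The function names are hypothetical, and two behaviours are assumptions the page does not state: substituted values are escaped per RFC 4515, and a parameter the incident does not expose becomes an empty string.

```python
import re

# Mapping lines copied from the page.
MAPPINGS = """\
attr.LDAP givenName = cn=users:(|(givenName=$endpoint-user-name$)(mail=$sender-email$) (streetAddress=$discoverserver$)):givenName
attr.LDAP telephoneNumber = cn=users:(|(givenName=$endpoint-user-name$)(mail=$sender-email$) (streetAddress=$discoverserver$)):telephoneNumber
"""

# Constructed sample lookup parameters for an email incident (not real data).
SAMPLE_PARAMS = {"sender-email": "j.doe@example.com"}

# attr.<custom attribute> = <search base>:(<filter>):<LDAP attribute>
_LINE = re.compile(
    r"^attr\.(?P<custom>.+?)\s*=\s*(?P<base>[^:]+):(?P<filter>\(.*\)):(?P<ldap_attr>[\w;-]+)$"
)
_VAR = re.compile(r"\$([A-Za-z0-9-]+)\$")


def escape_filter_value(value):
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    # sender-email comes from the message itself, so filter metacharacters
    # in it must not be able to change the structure of the query.
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def expand_mapping(line, params):
    """Return (custom attribute, search base, filter, LDAP attribute)."""
    m = _LINE.match(line.strip())
    if m is None:
        raise ValueError("not a mapping line: %r" % line)
    # Assumption: an unset lookup parameter is substituted as an empty string.
    flt = _VAR.sub(
        lambda v: escape_filter_value(params.get(v.group(1), "")), m.group("filter")
    )
    return m.group("custom"), m.group("base").strip(), flt, m.group("ldap_attr")


def expand_all(text, params):
    """Expand every non-empty mapping line in text."""
    return [expand_mapping(l, params) for l in text.splitlines() if l.strip()]


if __name__ == "__main__":
    for custom, base, flt, attr in expand_all(MAPPINGS, SAMPLE_PARAMS):
        print("%s <- %s, base %r, filter %s" % (custom, attr, base, flt))
```

Running the expanded filter against the directory with an LDAP client before creating the test incident shows whether the mapping can match an entry at all.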