How to configure the LDAP Lookup Plug-In within Symantec DLP

By November 20, 2020Symantec DLP Enforce
Run another search:
You are here:
< Back
To implement an LDAP Lookup Plug-In
  1. Create the following custom attributes at System > Attributes > Custom Attributes:

    LDAP givenName

    LDAP telephoneNumber

  2. Create a directory connection for the Active Directory server at System > Settings > Directory Connections.

    For example:

    • Hostname: enforce.dlp.company.com

    • Port: 389

    • Base DN: dc=enforce,dc=dlp,dc=com

    • Encryption: None

    • Authentication: Authenticated

    • username: userName

    • password: password

  3. Test the connection. The system indicates if the connection is successful.

  4. Create a new LDAP plug-in at System > Lookup Plugins > New Plugin > LDAP.

    Name: LDAP Lookup Plug-in

    Description: Description for the LDAP Plug-in.

  5. Select the directory connection created in Step 2.

  6. Map the attributes to LDAP metadata.

    attr.LDAP\ givenName = cn=users:(|(givenName=$endpoint-user-name$)(mail=$sender-email$)
    (streetAddress=$discoverserver$)):givenName
    attr.LDAP\ telephoneNumber = cn=users:(|(givenName=$endpoint-user-name$)(mail=$sender-email$)
    (streetAddress=$discoverserver$)):telephoneNumber
  7. Save the plug-in. Verify that the correct save message for the plug-in is displayed.

  8. Enable the following keys at the System > Lookup Plugins > Lookup Parameters page.

     

    • Incident

    • Message

    • Sender

  9. Create an incident that generates one of the lookup parameters. For example, an email incident exposes the sender-email attribute. There must be some corresponding information in the Active Directory server.

  10. Open the Incident Snapshot for the incident.

  11. Click the Lookup button and verify the custom attributes created in the Step 1 are populated in the right panel.

Was this article helpful?
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?