How to Configure LDAP and enable DHA protection on HES

This article will walk you through the process of integrating an LDAP server with Hosted Email Security and enabling DHA protection on Hosted Email Security.

Here are the steps in adding LDAP to your Hosted Email Security and how to enable DHA.

• Login to Hosted Email Security as admin@yourdomain.com
• Go to Manage | Server | Ldap Configuration
• Click on Add Server
• Type in the IP address and port number as well as the LDAP server. In most cases, LDAP server type Active Directory.
• Enter login name and password LDAP login method.
• Click on Test LDAP login to see if it can connect.
• Click on Save Changes

  NOTE: To integrate Azure AD please refer to Configure Azure Active Directory (AD) in HES

Once above steps are done it should look like the picture below.

NOTE: The diagrams and written content within the images are provided for illustrative purposes only. 

• Go to LDAP Query Panel
• Enter the directory node to begin search.
• In Filter make sure you remove at the end the userPrincipalName. (userPrincipalName will be removed in the upcoming version of Firmware).
• Once done make sure you click on Test User Query
• Click on Save Changes
• Next navigate to Users, Groups and Domains | Users and click Refresh Users & Groups.

NOTE: To allow LDAP connections from HES through your firewall, please refer to How to configure Firewall to allow HES to connect to LDAP server.

How to enable DHA on Hosted Email Security.

• Go to Manage | Network | Server Configuration
• Scroll down to Directory Harvest Attach (DHA) Protection Settings
• Click on the pull down menu in Action for messages sent to email address that are not in your LDAP server.
• Go to reject invalid Addresses.
• Select the preferred choice for Apply DHA protection to these recipient domains. It is recommended to select Apply to all recipient domains.
• Click Apply Changes.