Integration with an external directory service
Integration with an external directory service
July 4, 2024
ID 65337
The following custom scripts are used to integrate Kaspersky Security 8 for Linux Mail Server with an external directory service:
searchemail
is used for determining the email message ID, the user group list ID, sender, and recipientsearchusers
– used for searching a user in an external directory service and for searching a user in custom white and black lists of addresses;getuseraccount
– used for substituting user accounts with names while viewing a rule. If the script was started but did not perform its function, the rule displays the user IDs only;login
– used during authorization of a user from an external directory service;checkconnection
– used to check the availability of an external directory service. The results of custom script operation are displayed in the Kaspersky Security 8 for Linux Mail Server web interface window on the Monitoring tab.
User scripts should be run for the user kluser
. Any supported language can be used to write the user scripts.
To configure Kaspersky Security 8 for Linux Mail Server integration with an external directory service using custom scripts:
- Copy user scripts to one of the following folders:
/etc/opt/kaspersky/klms/scripts
for a Linux operating system./usr/local/etc/kaspersky/klms/scripts
for a FreeBSD operating system.
- Export the
Auth
task settings to an XML file with the following command:# /opt/kaspersky/klms/bin/klms-control -–get-settings Auth -n -f auth_settings.xml
- Set the type of integration with the external directory service to custom integration in the
Auth
task settings file with the following command:sed -i 's|<integrationType>.*</integrationType>|<integrationType>Custom</integrationType>|g' auth_settings.xml
- Import
Auth
task settings from the XML file into the application with the following command:# /opt/kaspersky/klms/bin/klms-control -–set-settings Auth -n -f auth_settings.xml