Integration with an external directory service

The following custom scripts are used to integrate Kaspersky Security 8 for Linux Mail Server with an external directory service:

searchemail is used for determining the email message ID, the user group list ID, sender, and recipient
searchusers – used for searching a user in an external directory service and for searching a user in custom white and black lists of addresses;
getuseraccount – used for substituting user accounts with names while viewing a rule. If the script was started but did not perform its function, the rule displays the user IDs only;
login – used during authorization of a user from an external directory service;
checkconnection – used to check the availability of an external directory service. The results of custom script operation are displayed in the Kaspersky Security 8 for Linux Mail Server web interface window on the Monitoring tab.

User scripts should be run for the user kluser. Any supported language can be used to write the user scripts.

To configure Kaspersky Security 8 for Linux Mail Server integration with an external directory service using custom scripts:

Copy user scripts to one of the following folders:
- /etc/opt/kaspersky/klms/scripts for a Linux operating system.
- /usr/local/etc/kaspersky/klms/scripts for a FreeBSD operating system.
Export the Auth task settings to an XML file with the following command:
# /opt/kaspersky/klms/bin/klms-control -–get-settings Auth -n -f auth_settings.xml
Set the type of integration with the external directory service to custom integration in the Auth task settings file with the following command:
sed -i 's|<integrationType>.*</integrationType>|<integrationType>Custom</integrationType>|g' auth_settings.xml
Import Auth task settings from the XML file into the application with the following command:
# /opt/kaspersky/klms/bin/klms-control -–set-settings Auth -n -f auth_settings.xml