Integration with an external directory service
Aug 21, 2023
The following custom scripts are used to integrate Kaspersky Security 8 for Linux Mail Server with an external directory service:
searchemailis used for determining the email message ID, the user group list ID, sender, and recipient
searchusers– used for searching a user in an external directory service and for searching a user in custom white and black lists of addresses;
getuseraccount– used for substituting user accounts with names while viewing a rule. If the script was started but did not perform its function, the rule displays the user IDs only;
login– used during authorization of a user from an external directory service;
checkconnection– used to check the availability of an external directory service. The results of custom script operation are displayed in the Kaspersky Security 8 for Linux Mail Server web interface window on the Monitoring tab.
User scripts should be run for the user
kluser. Any supported language can be used to write the user scripts.
To configure Kaspersky Security 8 for Linux Mail Server integration with an external directory service using custom scripts:
- Copy user scripts to one of the following folders:
/etc/opt/kaspersky/klms/scriptsfor a Linux operating system.
/usr/local/etc/kaspersky/klms/scriptsfor a FreeBSD operating system.
- Export the
Authtask settings to an XML file with the following command:
# /opt/kaspersky/klms/bin/klms-control -–get-settings Auth -n -f auth_settings.xml
- Set the type of integration with the external directory service to custom integration in the
Authtask settings file with the following command:
sed -i 's|<integrationType>.*</integrationType>|<integrationType>Custom</integrationType>|g' auth_settings.xml
Authtask settings from the XML file into the application with the following command:
# /opt/kaspersky/klms/bin/klms-control -–set-settings Auth -n -f auth_settings.xml