Cisco Email Security

CES: Azure-to-LDAP Connector

The Azure to LDAP connector allows CES customers to leverage Microsoft Graph REST APIs to access data in Azure Active Directory and Office 365 services. Specifically, to retrieve email relevant attributes and store them in CES in an LDAP server for Recipient Validation.

You will need to create a certificate (w/ private key) and an application within Microsoft Azure to allow the tool permission to read the directory. Once this is created the ESA will be configured with the application information provided in the CES LDAP Letter.

Azure to LDAP Connector Requests

Cisco Cloud Email Security customers can request add-on services to be enabled on their instances:

Once the request is made, the administrative contact will recieve an email with the LDAP servers and credentials that will be used to create the profile as shown below:

You may then enable LDAP for the following:

  • Listener (Listener Settings) & associated to the Recipient Access Table (RAT)
  • Incoming Mail Policies
  • Outgoing Mail Policies


LDAP Connector only supports User data sync and not group sync.

What's Next

Choose from one of the following to create your certificate...

Azure to LDAP - Manual Certificate Creation
Azure to LDAP - Express Certificate Creation

CES: Azure-to-LDAP Connector

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.