Setting up LDAP Authentication in Mimecast
When implementing Mimecast services for the first time, connecting your organization's infrastructure to Mimecast through LDAP authentication will enable you to securely automate the management of Mimecast users and groups using your company directory.
Mimecast Directory Sync provides LDAP authentication for email clients such as Microsoft Office 365, Microsoft Exchange and Microsoft Outlook, and enables you to eliminate the administrative overhead of managing Mimecast users and groups manually. LDAP integration also offers additional benefits, including future enablement and minimizing the administrative burden of configuring and maintaining Mimecast services.
Options for LDAP authentication
With the Directory Sync tool in Mimecast, you have a number of options for LDAP authentication with your on-premises email environment.
- Office 365/Windows Azure Active Directory. If you use Office 365 or are already synchronizing an on-premises Active Directory to Windows Azure, you can automate the management of your users and groups with a cloud-to-cloud Azure Active Directory Sync.
- Active Directory Sync with the Mimecast Synchronization Engine. Through a secure outbound connection from your internal network, Active Directory users and groups can be securely and automatically synchronized to Mimecast using the Mimecast Synchronization Engine.
- LDAP Active Directory Sync. Active Directory users and groups can be automatically synchronized to Mimecast using inbound LDAP authentication. (A firewall change is required to allow connectivity from Mimecast your Domain Controllers.)
- Domino Directory. Mimecast also offers an LDAP configuration and synchronization feature to automate management of users and groups in Domino Directory.
Preparing for LDAP authentication
Before beginning LDAP authentication, there are several steps you may need to consider.
- Existing archived data may need to be exported in order to import it into Mimecast.
- Existing policies and settings may need to be documented and recorded, as it might not be possible to export organization policies from your existing email management service. This will ensure that accounts behave as intended when email flow is moved to Mimecast.
- Validation and testing may be necessary to ensure a smooth deployment. Mimecast's Connect Team runs a series of tests at each stage of the process, but we also recommend that clients plan provision their own acceptance testing.
Mimecast is designed for self-service troubleshooting to give IT teams more control and to speed resolution of issues. But when you need to speak with an expert staff about LDAP authentication, our helpdesk is available 24/7 depending on your support contract and service level agreement. Additionally, our Mimecaster Central community provides a detailed Knowledge Base including video tutorials, troubleshooting guides, and more.