LDAP servers | Authentication servers |
Figure 3: Configure FortiGate unit for LDAP authentication
Name | Enter the name that identifies the LDAP server on the FortiGate unit. |
Server Name/IP | Enter the domain name or IP address of the LDAP server. |
Server Port | Enter the TCP port used to communicate with the LDAP server. By default, LDAP uses port 389. If you use a secure LDAP server, the default port changes when you select Secure Connection. |
Common Name Identifier | Enter the common name identifier for the LDAP server. The maximum number of characters is 20. |
Distinguished Name | Enter the base distinguished name for the server using the correct X.500 or LDAP format. The FortiGate unit passes this distinguished name unchanged to the server. The maximum number of characters is 512. |
Query icon | View the LDAP server Distinguished Name Query tree for the LDAP server that you are configuring so that you can cross-reference to the Distinguished Name. For more information, see “Using the Query icon” on page 24. |
Bind Type | Select the type of binding for LDAP authentication. |
Regular | Connect to the LDAP server directly with user name/password, then receive accept or reject based on search of given values. |
Anonymous | Connect as an anonymous user on the LDAP server, then retrieve the user name/password and compare them to given values. |
Simple | Connect directly to the LDAP server with user name/password authentication. |
Filter | Enter the filter to use for group searching. Available if Bind Type is Regular or Anonymous. |
User DN | Enter the distinguished name of the user to be authenticated. Available if Bind Type is Regular. |
Password | Enter the password of the user to be authenticated. Available if Bind Type is Regular. |
Secure Connection | Select to use a secure LDAP server connection for authentication. |
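
The field rules in the table above, expressed as a check over a constructed server record. This is an added example, not code from the guide or from FortiOS: the `LdapServer` record, its field names, the `check` function and the example.com values are hypothetical, and port 636 is the standard LDAPS port rather than a value the guide states.

```python
from dataclasses import dataclass

LDAP_PORT = 389      # default port stated in the table
MAX_CNID = 20        # Common Name Identifier limit from the table
MAX_DN = 512         # Distinguished Name limit from the table

@dataclass
class LdapServer:
    """Hypothetical record of the form fields; names are not FortiOS identifiers."""
    name: str
    server: str
    cnid: str
    dn: str
    bind_type: str = "simple"   # "simple", "anonymous" or "regular"
    port: int = LDAP_PORT
    group_filter: str = ""
    user_dn: str = ""
    password: str = ""
    secure: bool = False

def check(cfg):
    """Return a list of findings; an empty list means the record matches the table."""
    out = []
    if len(cfg.cnid) > MAX_CNID:
        out.append(f"Common Name Identifier exceeds {MAX_CNID} characters")
    if len(cfg.dn) > MAX_DN:
        out.append(f"Distinguished Name exceeds {MAX_DN} characters")
    if cfg.group_filter and cfg.bind_type == "simple":
        out.append("Filter applies only to Regular or Anonymous bind")
    if cfg.bind_type == "regular" and not (cfg.user_dn and cfg.password):
        out.append("Regular bind needs User DN and Password")
    if cfg.bind_type != "regular" and (cfg.user_dn or cfg.password):
        out.append("User DN and Password apply only to Regular bind")
    if not cfg.secure:
        # General LDAP fact, not from the guide: a bind without TLS is unencrypted.
        out.append("Secure Connection is off: bind credentials are sent in cleartext")
    return out

# Constructed sample records (example.com values are placeholders).
weak = LdapServer("corp-ldap", "ldap.example.com", "cn", "ou=people,dc=example,dc=com",
                  bind_type="simple", group_filter="(objectClass=group)",
                  user_dn="cn=svc,dc=example,dc=com", password="constructed")
fixed = LdapServer("corp-ldap", "ldap.example.com", "cn", "ou=people,dc=example,dc=com",
                   bind_type="regular", port=636, group_filter="(objectClass=group)",
                   user_dn="cn=svc,dc=example,dc=com", password="constructed", secure=True)

if __name__ == "__main__":
    for label, cfg in (("weak", weak), ("fixed", fixed)):
        print(label, check(cfg) or "no findings")
```
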
FortiOS v3.0 MR7 User Authentication User Guide | 22 |