ldap_profile profile group | set |
ldap_profile profile group
Use these commands to configure an LDAP group query.
Syntax
set ldap_profile profile <name_str> group groupstate {enable disable} set ldap_profile profile <name_str> group groupstate {enable disable} virtual {enable disable} memberofattribute <attr_str> relativename {enable disable} basedn <basedn_str> groupnameattribute <grp_str>
Keywords and Variables | Description | Default |
|
|
|
<name_str> | Enter the name of the LDAP profile. |
|
groupstate {enable disable} | Enable or disable group LDAP queries. | disable |
virtual {enable disable} | Enable this option to specify any LDAP tree node. Any node | disable |
| that falls under the specified tree node will be considered a |
|
| member of the group. Since the specified node isn’t defined |
|
| as a group in the LDAP database, the FortiMail unit sees it |
|
| as a sort of ‘virtual group.’ |
|
membershipattribute | Enter the user attribute that defines the groups the user |
|
<attr_str> | belongs to. For example, this attribute is memberOf for |
|
| Active Directory servers. |
|
relativename {enable | With the appropriate information entered, the admin need | disable |
disable} | only enter the LDAP group name when creating a recipient- |
|
based policy, for example. If this option is disabled, the |
| |
| group name attribute, group name, and group base DN must |
|
| be specified in the policy. |
|
basedn <basedn_str> | Enter the group base DN if relativename is enabled. |
|
groupnameattribute <grp_str> | Enter the group name attribute if relativename is |
|
| enabled. |
|
History
FortiMail v3.0 MR3 New.
Related topics
•set ldap_profile clearallcache
•set ldap_profile profile auth
•set ldap_profile profile clearcache
•set ldap_profile profile pwd
•set ldap_profile profile routing
•set ldap_profile profile server
•set ldap_profile profile user
•unset ldap_profile
| FortiMail™ Secure Messaging Platform Version 3.0 MR4 CLI Reference |
194 |
