Ldapprofile profile user | Fortinet 3.0 MR4 guide


set	ldap_profile profile user

ldap_profile profile user

Use these commands to configure user query options for the FortiMail unit to query the LDAP server.

Syntax

set ldap_profile profile <name_str> user basedn <basedn_str> set ldap_profile profile <name_str> user binddn <binddn_str> set ldap_profile profile <name_str> user bindpw <bindpw_str> set ldap_profile profile <name_str> user query <query_str>

set ldap_profile profile <name_str> user schema {activedirectory dominoperson inetlocalmailrcpt inetorgperson userdefined}

set ldap_profile profile <name_str> user scope {one sub}

Keywords and Variables	Description	Default

<name_str>	Enter the name of the LDAP profile.
basedn <basedn_str>	Enter the distinguished name (DN) that will be the	no default
	default point from which LDAP directory lookups will
	occur.

binddn <binddn_str>	Enter the bind DN of an account with the rights to	no default
	complete the required LDAP queries.
bindpw <bindpw_str>	Enter the bind password.	no default
deref {never always	Specify how alias dereferencing is done. The values	never
search find}	are Never, Always, Search, or Find to specify that
search find}	aliases are never dereferenced, always dereferenced,
	dereferenced when searching, or dereferenced only
	when finding the base object for the search.

query <query_str>	Set the query to be used for finding a user in the LDAP	(& (objectClass
	directory.	=inetOrgPerson)
		(mail=$m))
schema	Set the predefined directory schema depending on	inetorgperson
{activedirectory	your LDAP server type.
dominoperson	• {userdefined} uses the schema set with the user
inetlocalmailrcpt	query command.
inetlocalmailrcpt
inetorgperson
userdefined}
scope {one sub}	Set the search scope. This setting determines the	sub
	depth of search.
	• {one} is a single level.
	• {sub} is the subtree.

History

FortiMail v3.0

New.

Related topics

•set ldap_profile profile auth

•set ldap_profile profile group

•set ldap_profile profile option

•set ldap_profile profile pwd

•set ldap_profile profile routing

•set ldap_profile profile server

FortiMail™ Secure Messaging Platform Version 3.0 MR4 CLI Reference
06-30004-0420-20080814	199

Image 199

Contents

I R E F E R E N C E Trademarks Contents Get Set 122 157 167 198 237 275 Unset 353 Index 361 Page About this document About the FortiMail Secure Messaging Platform Service./H4 Execute restore config filenamestrAuthentication/TITLE/HEAD BODYH4You must authenticate to use this FortiMail QuickStart Guides FortiMail documentation Comments on Fortinet technical documentation Customer service and technical support Bypassbounceverify What’s new 06-30004-0420-20080814 Set console page lengthint CLI command syntaxSet console Set allowaccess ping https ssh snmp http telnet Connecting to the CLI Welcome FortiMail-400 loginGet system interface To connect to the CLI using SSH CLI command branches Execute Execute backup config namestr serveripv4 Backup configExecute restore Execute checklogdisk ChecklogdiskExecute checkmaildisk Execute checkmaildisk CheckmaildiskExecute checklogdisk Execute clearqueue Clearqueue Execute factoryreset Factoryreset Formatlogdisk Execute formatmaildisk Execute formatmaildiskbackupExecute formatlogdisk Execute formatmaildisk Formatmaildisk Execute formatmaildiskbackup FormatmaildiskbackupExecute formatmaildisk Execute clearqueue MaintainExecute maintain mailqueue clear age ageunit Execute maintain mailqueue clear age 23d Execute nslookup host mx nameserver NslookupExecute ping Execute traceroute Partitionlogdisk Execute partitionlogdisk logint Execute ping hostname hostipv4 PingExecute ping-option Execute ping-option option Ping-optionExecute ping Execute reboot RebootExecute reload Reload Execute rebootExecute reload Execute restore config image namestr serveripv4 RestoreExecute backup config Execute shutdown Shutdown Execute smtptest ipv4addrport domain domainstr SmtptestExecute smtptest 192.168.100.225 domain example.com Execute telnettest hostipv4port Telnettest Execute traceroute hostipv4 TracerouteExecute maintain Execute ping Execute update config Update config Execute updatecenter updatenow Updatecenter updatenow Updatecenter updatenow Get Get alertemail configuration Alertemail configurationGet alertemail setting Get alertemail configuration Alertemail setting Get antivirus Antivirus Get as option Get History Get auth imap pop3 radius smtp Auth Get av profilename Get config searchstring Config Get console Console Get fshd status Fshd status Get ipprofile Is disabled, Difference are not allowedIppolicy Get ippolicy policynumber Get ippool namestr IppoolGet ipprofile Set ippool Set ippool addentry Get ipprofile profilename Ipprofile Get ippolicy Get ldapprofile profile namestr Ldapprofile Get limits Limits Get log elog Log elog Get log logsetting Log logsettingSet log setting local Set log setting syslog Get log msisdn Log msisdnSet log msisdn Set log view fields Get log policy Log policy Log query Set log reportconfig qryGet log query FortiMail v3.0 New Log reportconfig Get log view event history spam virus Log view Get mailserver Mailserver Get mailserver access Mailserver access Get mailserver archive Mailserver archiveGet mailserver archive exemptlist local policy remote Get mailserver localdomain Mailserver localdomains Mailserver smtp Get mailserver smtp setting Get mailserver systemquarantine Mailserver systemquarantine Get misc profilename Misc profile Get outcontent namestr OutcontentGet outpolicy Get outprofile Outpolicy Get outcontent Get outprofileGet outpolicy namestr Outprofile Get outcontent Get outpolicyGet outprofile namestr Get policy fqdn Policy Get spam deepheader Spam deepheader Get spam heuristic rules Spam heuristic rules Get spam retrieval policy fqdnstr Spam retrieval policy Get system item System Time time Snmp thresholdStatus Time ntp Alias Group Ldap map Mail Map UserGet user item Get userpolicy Get userpolicy namestr UserpolicyGet user Page Set Set alertemail configuration mailto none Alertemail configuration mailtoSet alertemail deferq Set alertemail setting option Intervalminutes Alertemail deferqTriggervalue 000 Set alertemail configuration mailto Set alertemail deferq Alertemail setting optionSet alertemail setting option optionlist none Set alertemail setting option diskfull quotafull Set antivirus enable disable Set as blacklistaction reject discard profile As blacklistactionSet as profile modify whitelistword Set ipprofile sendervalidation As bounceverifyTagexpiry Expiryint Set as control autorelease delete release controlaccount As control autorelease As control bayesian Set as profile modify bayesian Set as profile modify actions As greylist Set as profile modify greylist Set ipprofile mmsreputation As mmsreputation Set as profile namestr delete As profile delete As profile modify actions Webrelease Enable disableAs profile modify auto-release Auto-release As profile modify bannedword Set as profile namestr modify bannedword enable disableSet as profile modify bannedwordlist Set as profile modify bannedword As profile modify bannedwordlist Set as control bayesian As profile modify bayesian FortiMail v3.0 MR1 checkip and headeranalysis added Enable disable CheckipAs profile modify deepheader Headeranalysis Dictprofile As profile modify dictionaryDictint As profile modify dnsbl Set as profile namestr modify dnsbl enable disableSet as profile modify dnsblserver Move-to newint As profile modify dnsblserverSet as profile modify dnsbl Hoststr As profile modify forgedip Set as profile namestr modify forgedip enable disable As profile modify fortishield As profile modify greylist Set as profile namestr modify greylist enable disable As profile modify heuristic Aggressive As profile modify imagespam Discard forward As profile modify individualaction scannerScanner bannedword Subject reject Set as control autorelease Set as spamreport As profile modify quarantineDays daysint As profile modify rewritercpt Bypassonauth As profile modify scanoptionsMaxsize sizeint As profile modify surbl Set as profile namestr modify surbl enable disableSet as profile modify surblserver Set as profile modify surbl As profile modify surblserverRename-to newstr Stag tagstr As profile modify tagsHtag tagstr Header As profile modify virus Set as profile namestr modify virus enable disable As profile modify whitelistword Set as profile namestr modify whitelistword enable disableSet as profile modify whitelistwordlist As profile modify whitelistwordlist Set as control autorelease Set as profile modify quarantine As spamreport As trusted Set auth imap namestr rename-to newstr Auth imap rename-toSet auth imap server Option ssl secure Auth imap serverSet auth imap rename-to Serveripv4 Port portint Set auth pop3 namestr rename-to newstr Auth pop3 rename-toSet auth pop3 server Set auth pop3 rename-to Auth pop3 server110 Set auth radius namestr rename-to newstr Auth radius rename-toSet auth radius server Serveripv4 Secret Passwordstr DomainAuth radius server Set auth radius rename-to Set auth smtp namestr rename-to newstr Auth smtp rename-toSet auth smtp server Set auth smtp rename-to Auth smtp server Set av avprofname delete Av delete Set av avprofname modify actions discard reject Av modify actions Av modify heuristic Set av avprofname modify heuristic enable disable Av modify heuristic heuristicaction Av modify scanner Set av avprofname modify scanner enable disable Set av avprofname rename-to newnamestr Av rename-to Lineint 38400 57600 Mode batch lineSet system appearance Set system option Baudrate 9600 Set content namestr delete Content deleteSet content modify filetype Set content modify monitor Content modify action Set content namestr modify bypassonauth enable disable Content modify bypassonauthSet content modify action Set content modify filetype Set content namestr modify defersize sizeint Content modify defersizeSet content modify bypassonauth Set content modify filetype Blocked Content modify filetypeSet content modify action Set content modify monitor Filetypestr Set content modify monitor action Content modify monitor Replace review Content modify monitor actionAction none None 155 Fshd Set ippolicy delete Set ippolicy move Set ippolicy policyint Scan Ippolicy actionSet ippolicy policyint action scan reject tempfail Policyint Set ippolicy policyint as namestr Ippolicy as Ippolicy auth Set ippolicy policyint av namestr Ippolicy av Set ippolicy policyint content namestr Ippolicy content Set ippolicy policyint delete Ippolicy deleteSet ippolicy Set ippolicy move Ippolicy exclusive Set ippolicy policyint exclusive enable disable Set ippolicy policyint ip namestr Ippolicy ip Set ippolicy policyint match clientipv4/mask Ippolicy match gateway and server modes 0.0/0 Ippolicy match transparent modeSet ippolicy match gateway and server modes Clientipv4/mask Set ippolicy policyint move newint Ippolicy moveSet ippolicy Set ippolicy delete Ippolicy smtp Set ippool namestr Ipv4 Ippool addentrySet ippool namestr addentry ipv4 sizeint Set ippool Set ippool delentry Set ippool delete Get ippool Set ippool Set ippool addentry Set ippool delete Get ippool Ippool delentrySet ippool namestr delentry rangeIDint RangeIDint Set ippool namestr delete Ippool delete 174 Ipprofile check Integer seconds SenddsnSender Splice Ipprofile connection Set ipprofile namestr delete Ipprofile deleteSet ipprofile rename Increment int Ipprofile errorInitialdelay int Free int Ipprofile headermanipulation Rset int Ipprofile limitEmails int Ipprofile list Ipprofile mmsreputation Set ipprofile namestr rename newstr Ipprofile renameSet ipprofile delete Ipprofile senderreputation Ipprofile sendervalidation 187 Connection Ipprofilesetting ratecontrolSet ipprofilesetting ratecontrol connection message Ratecontrol Asavstate Ldapprofile profile asavAntispam asstr Antivirus avstr Set ldapprofile clearallcache Ldapprofile clearallcache Ldapprofile profile auth Set ldapprofile profile namestr clearcache Ldapprofile profile clearcache 389 Ldapprofile profile fallbackserverFallbackserver hoststr Serveripv4 Ldapprofile profile group Ldapprofile profile option Ldapprofile profile pwd Ldapprofile profile routing Server hoststr Ldapprofile profile serverSecure none ssl Ldapprofile profile user Ldapprofile profile user Set Adminperdomint AdminintLimits domain-level Domainint Limits system-level generalProfilesint Set limits system-level groups groupsint membersint Limits system-level groups Set limits system-level mail-users usersint Limits system-level mail-users Limits system-level other-profiles Outgoingint Limits system-level policiesSet limits system-level policies ipint outgoingint Ipint 207 Set log msisdn enable disable Log policy destination event Log policy destination history Detected none Log policy destination spam Infected none Log policy destination virus Log reportconfig direction Domainname3 Log reportconfig domainDomainname1 Domainname2 Emailaddr3 Log reportconfig mailtoEmailaddr1 Emailaddr2 Log reportconfig period Qry querystr1 Log reportconfig qryQuerystr2 Querystr3 Datesint Log reportconfig schedule hourSchedule hour daily Days daysstr dates Emergency Log setting consoleEnable disable Loglevel Severityinteger Log setting local Log setting syslog Log setting syslog Set Log view fields Loglevel event Log view loglevelHistory spam virus Loglevel Senderpattern Patternstr AuthenticatedRule number Set move Relay reject MR4 Added authenticated and tlsprofileTlsprofile Profilestr Permission ok Mailserver archive account Set mailserver archive exemptlist exemptid ? Mailserver archive exemptlist Set mailserver archive local quota quotaint Mailserver archive local quota Body Mailserver archive policySet mailserver archive policy policyid ? Recipient subject Mailserver archive remote Set mailserver deadmail value Mailserver deadmail Smtps portnumber Mailserver portnumberPop3 Portnumber Smtp Portnumber Set mailserver proxy smtp unknown Mailserver proxy smtp interface Hide Mailserver proxy smtp unknownSet mailserver proxy smtp unknown hide original Set mailserver proxy smtp interface Port portnumber AuthenticationEnable disable Username namestr Mailserver relayserver Starttime hhmm Mailserver smtp deferbigmsgStoptime hhmm Set mailserver smtp delivery noesmtp yes no Mailserver smtp delivery Mailserver smtp dsn Mailserver smtp ldapdomaincheck Mailserver smtp queue Mailserver smtpauth Mailserver smtpssl Set mailserver smtpssl enabled disabled Dir Type disableMailserver smtp storage Client type Client server Mailserver smtp storage cquarSet mailserver smtp storage cquar type client Mailserver smtp storage cquar Set Set content modify action Set content modify monitor action Set misc profile namestr delete Misc profile deleteSet misc profile rename-to Set misc profile namestr modify quota quotaint Misc profile modify quotaQuotaint Misc profile modify userstatus Set misc profile namestr modify userstatus enable disableUserstatus Webmailaccess Misc profile modify webmailaccess Set misc profile namestr rename-to newstr Misc profile rename-toSet misc profile delete Set outcontent namestr delete Outcontent delete Set outcontent modify action Set outcontent modify monitor Outcontent modify actionForward reject Set outcontent namestr modify bypassonauth enable disable Outcontent modify bypassonauthSet outcontent modify action Set outcontent modify filetype Outcontent modify filetype Reject replace Outcontent modify monitor actionReview Set outcontent modify monitor action Outcontent modify monitorTags header enable 259 Set outpolicy userstr delete Outpolicy profile deleteSet outpolicy move-to Set outpolicy rename-to Outpolicy modify Set outpolicy userstr move-to newint Outpolicy move-toSet outpolicy profile delete Set outpolicy rename-to Set outpolicy userstr rename-to newstr Outpolicy rename-toSet outpolicy profile delete Set outpolicy move-to Set outprofile profile namestr delete Outprofile profile deleteSet outprofile profile rename-to Outprofile profile modify actions Review enable disableNamestr Outprofile profile modify bannedword Outprofile profile modify bannedwordlist Outprofile profile modify bayesian Outprofile profile modify deepheader Outprofile profile modify dictionary Outprofile profile modify dnsbl Set outprofile profile namestr modify dnsbl enable disable Outprofile profile modify dnsblserver Outprofile profile modify fortishield Outprofile profile modify greylist Outprofile profile modify heuristic Enable disable Upper-level Outprofile profile modify imagespam Action Outprofile profile modify individualaction scanner Outprofile profile modify scanoptions Outprofile profile modify surbl Set outprofile profile namestr modify surbl enable disable Outprofile profile modify surblserver Outprofile profile modify tags Outprofile profile modify virus Set outprofile profile namestr modify virus enable disable Set outprofile profile modify whitelistwordlist Outprofile profile modify whitelistword Set outprofile profile modify whitelistword Outprofile profile modify whitelistwordlist Set outprofile profile namestr rename-to newstr Outprofile profile rename-toSet outprofile profile delete 286 Set policy fqdnstr delete Policy deleteSet policy modify rename-to Policy fqdnstr Policy modify addassociationAddassociation fqdn Policy modify bverifyaddr Set policy fqdnstr modify bverifyaddr disable ldap smtpSet policy modify verifyaddr Fallbackhost Hostipv4 Policy modify fallbackFallbackport Portint Policy modify ip Policy modify issubdomain Set policy fqdnstr modify issubdomain enable disable Set policy fqdnstr modify ldapasav profile profilestr Set policy fqdnstr modify ldapasav state enable disableSet policy fqdnstr modify ldaprouting state enable disable Policy modify ldap Set policy fqdnstr modify mxflag 0 Policy modify mxflag Zoneintr Policy modify tpSet policy fqdnstr modify tp zoneintr yes no yes no Fqdnstr Set policy delete Set policy modify rename-to Policy modify user Verifyaddr ldap Smtp disablePolicy modify verifyaddr Set policy modify bverifyaddr Set policy fqdnstr rename-to newfqdnstr Policy modify rename-toSet policy delete Confidenceint Set spam deepheader confidence confidenceintConfidence 95.0000 Set as control autorelease Set system option Set user System admin Set console System appearance Set system autoupdate pushaddressoverride disable System autoupdate pushaddressoverride Set system autoupdate pushupdate enable disable System autoupdate pushupdate Set system autoupdate schedule enable disable every hhmm System autoupdate scheduleSet system autoupdate schedule enable disable daily hhmm Username Usernamestr System autoupdate tunnelingAddress addrip4 Port portnum System ddns System disclaimer allowdomain Set system disclaimer allowdomain enable disable System disclaimer incoming System disclaimer outgoing System dns Central-management Autobackup enable disableEnable disable Initiate enable disable System fortimanager Set system ha config portinteger timeoutinteger System ha configSet system ha config 20001 Cpeeripv4 System ha takeover command DisabledAny Cpeerinteger 255.255.255.0 Primary-localipv410.0.0.1 Netmaskipv4 Set system ha interface port5 10.0.0.3 Set system ha interface port5 10.0.0.2Set system ha interface port5 10.0.0.4 317 Dataportinteger Set system ha data dataportinteger timeoutintegerSet system ha config 20002 System ha data System ha datadir Checktimeinteger System ha lserviceSet system ha lservice pprts 30 Ports hd Mode mode System ha modeSet system ha mode mode Set system ha mode cmaster 20000 System ha monitorSet system ha monitor port 20000 20 Heartbeatportinteger 323 Set system ha on-failure slave Set system ha on-failure off restore slaveRestore System ha on-failure Set system ha passwd passwdstr System ha passwdSet system ha passwd Passw4D Set system ha remote-as-heartbeat enable Set system ha remote-as-heartbeat enable disableSystem ha remote-as-heartbeat Restart System ha restart restore resyncSet system ha restart restore resync Set system ha resync System ha rservice Set system ha rservice pop 10.10.10.2 25 30 20 System ha takeover Set system ha takeover port5 add 10.10.10.2 System ha takeover Set system hostname hostnamestr System hostname System interface config Defaultgw Disable System interface mode dhcpSet system interface intfstr mode dhcp Connection Disable Set system interface intfstr mode static ip addrip4 maskip4 System interface mode static Set system opmode gateway server transparent System opmode System option Set system admin Set system appearanceSet system option option1 value1 System route number System snmp community Set system snmp sysinfo threshold Set system snmp community System snmp sysinfo threshold Set system time ntp System time manual Set system time manual System time ntp System usrgrp Set system admin Set user Set user ldap map domain domainname profile ldapprofilename Set user alias name namestr member addr addrSet user alias name namestr addmember addr addr Set user map internalname intstr externalname extstr User pki Set userpolicy move-to Set userpolicy rename-to Userpolicy deleteSet userpolicy namestr delete Miscstr Userpolicy modifyAsstr Avstr Set userpolicy delete Set userpolicy rename-to Userpolicy move-toSet userpolicy namestr move-to newint Set userpolicy delete Set userpolicy move-to Userpolicy rename-toSet userpolicy namestr rename-to newstr 352 Unset Unset alertemail configuration Unset ldapprofile profile namestr Unset log reportconfig namestr Unset mailserver configuration Unset system configuration Map name mapstr Unset user configurationUser transparent and gateway Alias name aliasstr Group name groupstr User serverLdap map domain domainint Index Dkim 186 DNS 363 Smtp 365 366