Fortinet 5.0 Patch 6

Fortinet 231 FortiWeb 5.0 Patch 6 Administration Guide

Distinguished Name Type the distinguished name (DN), such as:

ou=People,dc=example,dc=com

cn=users,dc=example,dc=com

that forms the full path in the directory to the user account objects.

Bind Type Select one of the following LDAP query binding styles:

•Simple — Bind using the client-supplied password and a bind

DN assembled from the Common Name Identifier, Distinguished

Name, and the client-supplied user name.

•Regular — Bind using a bind DN and password that you

configure in User DN and Password. This also allows for group

authentication.

•Anonymous — Do not provide a bind DN or password. Instead,

perform the query without authenticating. Select this option only

if the LDAP directory supports anonymous queries.

User DN Type the bind DN, such as cn=FortiWebA,dc=example,dc=com,

of an LDAP user account with permissions to query the

Distinguished Name. The maximum length is 255 characters.

This field may be optional if your LDAP server does not require the

FortiWeb appliance to authenticate when performing queries, and

does not appear if Bind Type is Anonymous or Simple.

Password Type the password of the User DN.

This field may be optional if your LDAP server does not require the

FortiWeb appliance to authenticate when performing queries, and

does not appear if Bind Type is Anonymous or Simple.

Filter Type an LDAP query filter string, if any, that will be used to filter out

results from the query’s results based upon any attribute in the

record set, such as:

(&(|(objectClass=user)(objectClass=group)(objectCl

ass=publicFolder)))

For syntax, see an LDAP query filter reference. If you do not want to

exclude any accounts from the query, leave this blank.

The maximum length is 255 characters. This option appears when

Bind Type is Regular.

Group

Authentication

Enable to filter the query results, only allowing users to authenticate

if they are members of the LDAP group that you define in Group DN.

Users that are not members of that group will not be allowed to

authenticate. Also configure Group Type and Group DN.

This option appears only when Bind Type is Regular.

Setting name Description