LDAP servers

Authentication servers

Figure 3: Configure FortiGate unit for LDAP authentication


Name

Enter the name that identifies the LDAP server on the FortiGate unit.

Server Name/IP

Enter the domain name or IP address of the LDAP server.

Server Port

Enter the TCP port used to communicate with the LDAP server. By default, LDAP uses port 389. If you use a secure LDAP server, the default port changes when you select Secure Connection.

Common Name Identifier

Enter the common name identifier for the LDAP server. The maximum number of characters is 20.

Distinguished Name

Enter the base distinguished name for the server using the correct X.500 or LDAP format. The FortiGate unit passes this distinguished name unchanged to the server. The maximum number of characters is 512.

Query icon

View the LDAP server Distinguished Name Query tree for the LDAP server that you are configuring so that you can cross-reference to the Distinguished Name. For more information, see “Using the Query icon” on page 24.

Bind Type

Select the type of binding for LDAP authentication.

Regular

Connect to the LDAP server directly with user name/password, then receive accept or reject based on search of given values.

Anonymous

Connect as an anonymous user on the LDAP server, then retrieve the user name/password and compare them to given values.

Simple

Connect directly to the LDAP server with user name/password authentication.

Filter

Enter the filter to use for group searching. Available if Bind Type is Regular or Anonymous.

User DN

Enter the distinguished name of the user to be authenticated. Available if Bind Type is Regular.

Password

Enter the password of the user to be authenticated. Available if Bind Type is Regular.

Secure Connection

Select to use a secure LDAP server connection for authentication.
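The field rules above (the length limits, which fields each Bind Type makes available, and the Secure Connection option) can be checked before the values are entered. The following Python check is an added example, not Fortinet code; the dictionary keys, the rough LDAP-format DN syntax test and the requirement that a Regular bind carries both User DN and Password are assumptions.

```python
import re

MAX_CNID, MAX_DN = 20, 512   # character limits stated in the field descriptions
REGULAR_ONLY = ("user_dn", "password")   # "Available if Bind Type is Regular"
# Rough shape of one LDAP-format RDN such as "ou=people" (not a full RFC 4514 parser).
RDN = re.compile(r"^\s*([A-Za-z][A-Za-z0-9-]*|\d+(\.\d+)*)\s*=\s*\S.*$")

def dn_problem(dn, limit=MAX_DN):
    """Return a reason string if dn is empty, too long or malformed, else None."""
    if not dn:
        return "is empty"
    if len(dn) > limit:
        return f"exceeds {limit} characters"
    parts = re.split(r"(?<!\\),", dn)        # split on unescaped commas
    if not all(RDN.match(p) for p in parts):
        return "is not comma-separated attr=value pairs"
    return None

def check_ldap_settings(cfg):
    """Return findings for a dict holding the fields from the table above."""
    out = []
    bind = cfg.get("bind_type")
    if bind not in ("regular", "anonymous", "simple"):
        out.append("bind_type must be regular, anonymous or simple")
    for field in ("name", "server"):
        if not cfg.get(field):
            out.append(f"{field} is empty")
    if not 0 < len(cfg.get("cnid", "")) <= MAX_CNID:
        out.append(f"cnid must be 1 to {MAX_CNID} characters")
    reason = dn_problem(cfg.get("dn", ""))
    if reason:
        out.append(f"dn {reason}; the unit passes it to the server unchanged")
    for field in REGULAR_ONLY:
        if bind == "regular" and not cfg.get(field):   # assumption: both needed
            out.append(f"{field} is empty for a Regular bind")
        elif bind != "regular" and cfg.get(field):
            out.append(f"{field} is only available for a Regular bind")
    if bind == "simple" and cfg.get("filter"):
        out.append("filter is only available for Regular or Anonymous binds")
    if not 1 <= cfg.get("port", 389) <= 65535:
        out.append("port is not a valid TCP port")
    if not cfg.get("secure"):
        # Without a secure connection the bind password is sent unencrypted.
        out.append("secure is off: bind passwords cross the network in cleartext")
    return out
```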

 

FortiOS v3.0 MR7 User Authentication User Guide

01-30007-0347-20080828
