Fortinet 100A User Manual

01-28007-0068-20041203

Fortinet Inc.

LDAP server options

Users and authentication

To configure the FortiGate unit for LDAP authentication:

1. Go to User > LDAP.
2. Select Create New to add a new LDAP server, or select the Edit icon to edit an existing configuration.
3. Enter the name of the LDAP server.
4. Enter the domain name or IP address of the LDAP server.
5. Enter the port used to communicate with the LDAP server.
6. Enter the common name identifier for the LDAP server.
7. Enter the distinguished name used to look up entries on the LDAP server.
8. Select OK.

To delete an LDAP server

You cannot delete an LDAP server that has been added to a user group.

1. Go to User > LDAP.
2. Select Delete beside the LDAP server name that you want to delete.
3. Select OK.

Common Name Identifier

    Enter the common name identifier for the LDAP server. The common name identifier for most LDAP servers is cn. However, some servers use other common name identifiers such as uid.

Distinguished Name

    Enter the distinguished name used to look up entries on the LDAP server. Enter the base distinguished name for the server using the correct X.500 or LDAP format. The FortiGate unit passes this distinguished name unchanged to the server.

    For example, you could use the following base distinguished name:

        ou=marketing,dc=fortinet,dc=com

    where ou is organization unit and dc is domain component.

    You can also specify multiple instances of the same field in the distinguished name, for example, to specify multiple organization units:

        ou=accounts,ou=marketing,dc=fortinet,dc=com
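
Because the FortiGate unit passes the distinguished name unchanged, formatting mistakes reach the LDAP server exactly as typed. The following Python sketch is an added example, not part of the Fortinet manual: it checks a base DN against RFC 4514 string syntax before the value is entered. The function names are hypothetical, and multi-valued components (joined with +) are not handled.

```python
import re

# Attribute type per RFC 4514: a short name such as ou/dc/cn, or a dotted numeric OID.
ATTR_TYPE = re.compile(r"[A-Za-z][A-Za-z0-9-]*|\d+(\.\d+)*")
# Characters that must be backslash-escaped inside an attribute value.
SPECIAL = set('",+;<>\\')


def split_rdns(dn):
    """Split a DN on commas, leaving backslash-escaped commas inside values."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]          # keep the escape pair together
            i += 2
        elif dn[i] == ",":
            parts.append(cur)
            cur = ""
            i += 1
        else:
            cur += dn[i]
            i += 1
    parts.append(cur)
    return parts


def parse_base_dn(dn):
    """Return [(attribute, value), ...] for a base DN, or raise ValueError."""
    rdns = []
    for rdn in split_rdns(dn):
        attr, eq, value = rdn.partition("=")
        if not eq or not ATTR_TYPE.fullmatch(attr):
            raise ValueError(f"bad attribute type in component {rdn!r}")
        bad_tail = value.endswith(" ") and not value.endswith("\\ ")
        if not value or value[0] in " #" or bad_tail:
            raise ValueError(f"empty value or unescaped edge space in {rdn!r}")
        bare = re.sub(r"\\.", "", value)   # drop escape pairs, then look for leftovers
        if SPECIAL & set(bare):
            raise ValueError(f"unescaped special character in {rdn!r}")
        rdns.append((attr, value))
    return rdns


def units(dn):
    """Organization units in the DN, most specific first."""
    return [v for a, v in parse_base_dn(dn) if a.lower() == "ou"]
```

A space after a comma, a common habit when typing DNs by hand, is rejected here because it would become part of the next attribute name.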