Fortinet FortiAnalyzer 3.0 MR7 User Manual

Page 69

System

Config

FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908

Figure 34: LDAP settings

To define an LDAP server query

1  Go to System > Config > LDAP.

2  Select Create New. Complete the following:

Name

Enter the name for the LDAP server query.

Server Name/IP

Enter the LDAP server domain name or IP address.

Server Port

Enter the port number. By default, the port is 389.

Server Type

Select whether to use anonymous or authenticated (regular) queries.
If selecting Anonymous, your LDAP server must be configured to allow unauthenticated anonymous queries.
If selecting Regular, you must also enter the Bind DN and Bind Password.

Bind DN

Enter an LDAP user name in DN format to authenticate as a specific LDAP user, and bind the query to a DN.
This option appears only when the Server Type is Regular.

Bind Password

Enter the LDAP user’s password.
This option appears only when the Server Type is Regular.

Common Name Identifier

Enter the attribute identifier used in the LDAP query filter. By default, the identifier is cn.
For example, if the Base DN contains several objects, and you want to include only objects whose cn=Admins, enter the Common Name Identifier cn and enter the Group(s) value Admins when configuring report profiles. For more information, see “Configuring reports” on page 113.
Report scopes using this query require Common Name Identifier. If this option is blank, the LDAP query for reports will fail.

Base DN

Enter the Distinguished Name of the location in the LDAP directory which will be searched during the query.
To improve query speed, enter a more specific DN to constrain your search to the relevant subset of the LDAP tree.
For example, instead of entering dc=example,dc=com you might enter the more specific DN ou=Finance,dc=example,dc=com. This restricts the query to the “Finance” organizational unit within the tree.
Report scopes using this query require Base DN. If this option is blank, the LDAP query for reports will fail.

LDAP Distinguished Name Query

Select to test the query.
Entries in the Base DN appear; if the query results contain multiple levels, entries appear under their parent object.
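
The field rules above (required Bind DN and Bind Password for Regular, required Common Name Identifier and Base DN for report scopes, and Base DN scoping) can be checked before a query is saved. The following is an added example, not FortiAnalyzer code: the dictionary keys, function names and sample values are hypothetical, and the filter shape (identifier=group) is an assumption drawn from the cn=Admins example.

```python
# Added example, not FortiAnalyzer code. Keys mirror the form fields on this page.
# Assumption: the query filter has the shape (<identifier>=<group>), as in cn=Admins.

# Constructed sample settings; Bind DN and Bind Password are left empty on purpose.
SAMPLE = {
    "server_type": "regular", "bind_dn": "", "bind_password": "",
    "cn_identifier": "cn", "base_dn": "ou=Finance,dc=example,dc=com",
}

# RFC 4515 escapes for characters that have meaning inside a search filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Escape a group name so it is matched literally by the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def check_settings(cfg):
    """Return the omissions that this page says make the query unusable."""
    problems = []
    if not cfg.get("cn_identifier"):
        problems.append("Common Name Identifier is blank: report queries will fail")
    if not cfg.get("base_dn"):
        problems.append("Base DN is blank: report queries will fail")
    if cfg.get("server_type") == "regular" and not (
            cfg.get("bind_dn") and cfg.get("bind_password")):
        problems.append("Regular requires Bind DN and Bind Password")
    return problems

def build_filter(cn_identifier, group):
    """Combine the identifier with a report profile's Group(s) value."""
    return "({}={})".format(cn_identifier, escape_filter_value(group))

def in_scope(entry_dn, base_dn):
    """True if entry_dn is the Base DN or below it (RDN values without commas)."""
    def rdns(dn):
        return [part.strip().lower() for part in dn.split(",")]
    entry, base = rdns(entry_dn), rdns(base_dn)
    return len(entry) >= len(base) and entry[-len(base):] == base

if __name__ == "__main__":
    print(check_settings(SAMPLE))
    print(build_filter(SAMPLE["cn_identifier"], "Admins (EU)"))
    print(in_scope("cn=Admins,ou=Sales,dc=example,dc=com", SAMPLE["base_dn"]))
```

A group name that contains parentheses or an asterisk is escaped so the directory matches it literally instead of reading it as filter syntax.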