Fortinet FortiGate v3.0 MR7 User Manual
Page 23
Authentication servers
LDAP servers
FortiOS v3.0 MR7 User Authentication User Guide
01-30007-0347-20080828
To configure the FortiGate unit for LDAP authentication - CLI
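    config user ldap
        edit <server_name>
            set cnid <common_name_identifier>
            set dn <distinguished_name>
            set port <port_number>
            set server <server_name_or_ip>
            set type <auth_type>
            set username <bind_username>
            set password <bind_password>
            set group <group>
            set filter <group_filter>
            set secure <secure_protocol>
            set ca-cert <ca_certificate_name>
    end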
To remove an LDAP server from the FortiGate unit configuration - web-based manager
1 Go to User > LDAP.
2 Select the Delete icon beside the name of the LDAP server that you want to remove.
3 Select OK.
Figure 4: Delete LDAP server
Protocol
Select a secure LDAP protocol to use for authentication.
Depending on your selection, the value in Server Port will
change to the default port for the selected protocol. Available
only if Secure Connection is selected.
LDAPS: port 636
STARTTLS: port 389
Certificate
Select a certificate to use for authentication from the list. The
certificate list comes from CA certificates at System >
Certificates > CA Certificates.
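An added example, not from the Fortinet guide: a Python check over a configuration backup that lists LDAP server entries with no secure protocol, no CA certificate, or a port that differs from the default given above for the selected protocol. The sample backup text, its server and certificate names, and the `ldaps`/`starttls` values for `set secure` are assumptions.

```python
DEFAULT_PORT = {"ldaps": 636, "starttls": 389}  # defaults listed under Protocol
# Constructed sample in the style of a configuration backup (names are made up).
SAMPLE = """\
config user ldap
    edit "corp-ldap"
        set port 389
    next
    edit "hr-ldap"
        set port 389
        set secure ldaps
        set ca-cert "CA_Cert_1"
    next
    edit "eng-ldap"
        set port 636
        set secure ldaps
        set ca-cert "CA_Cert_1"
    next
end
"""

def parse_ldap_servers(config_text):
    """Return {server_name: {keyword: value}} from the 'config user ldap' block."""
    servers, current, inside = {}, None, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "config user ldap":
            inside = True
        elif inside and line == "end":
            break
        elif inside and line.startswith("edit "):
            current = servers.setdefault(line[5:].strip().strip('"'), {})
        elif inside and line.startswith("set ") and current is not None:
            _, key, *value = line.split(None, 2)
            current[key] = value[0].strip('"') if value else ""
    return servers

def audit(servers):
    """Return (server_name, finding) pairs; an unset 'secure' is assumed to mean no TLS."""
    findings = []
    for name, cfg in sorted(servers.items()):
        secure = cfg.get("secure", "disable")
        if secure not in DEFAULT_PORT:
            findings.append((name, "no secure protocol (LDAPS or STARTTLS) set"))
            continue
        if "ca-cert" not in cfg:
            findings.append((name, "no CA certificate selected"))
        port = cfg.get("port", "")
        if port.isdigit() and int(port) != DEFAULT_PORT[secure]:
            findings.append((name, f"port {port} differs from {secure} default {DEFAULT_PORT[secure]}"))
    return findings
```

Calling `audit(parse_ldap_servers(SAMPLE))` reports `corp-ldap` (no secure protocol) and `hr-ldap` (LDAPS selected but port left at 389); `eng-ldap` passes.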
Note: You cannot remove an LDAP server that belongs to a user group. Remove it from the user group first.
Create New
Add a new LDAP server. The maximum number is 10.
Name
The name that identifies the LDAP server on the FortiGate unit.
Server Name/IP
The domain name or IP address of the LDAP server.
Port
The TCP port used to communicate with the LDAP server.
Delete
Edit