config user ldap
Configure an LDAP user.

    config user ldap
        edit <name>
            set server {string}
            set source-ip {string}
            set cn-id {string}
            set dn {string}
            set type [simple | regular]
            set secure [disable | starttls | ldaps]
            set ca-cert [datasource]
            set port {integer}
            set server-identity-check [enable | disable]
        next
    end
Sample syntax:

    config user ldap
        edit ldap_svr
            set server 192.168.120.10
            set source-ip
            set cn-id cn
            set dn ou=users,dc=example,dc=com
            set type simple
            set secure disable
            set port 389
        next
    end

| Parameter | Description | Type | Size | Default |
|---|---|---|---|---|
| server | Primary LDAP server, CN domain name, or IP address. | string | - | NULL |
| source-ip | IP address used for communication with the LDAP server. | string | - | 0.0.0.0 |
| cn-id | Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn". | string | - | cn |
| dn | Distinguished name used to look up entries on the LDAP server. | string | - | NULL |
| type | Authentication type for LDAP searches. | option | - | simple |
| secure | Method for LDAP communication. | option | - | disable |
| ca-cert | CA certificate name. Note: You can assign the CA certificate directly or leave it blank, in which case FortiBranchSASE iterates to find the appropriate one. | datasource | - | NULL |
| port | Port to be used for communication with the LDAP server. Note: For LDAPS, the default port is 636. For LDAP/STARTTLS, the default port is 389. | integer | 1-65535 | 389 |
| server-identity-check | Enable/disable LDAP server identity check to verify server domain name/IP address against the server certificate. | option | - | enable |
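
The following is an added example, not part of the FortiBranchSASE documentation: a small Python audit over exported `config user ldap` text. It flags entries where `secure` is `disable` (as in the sample syntax, which leaves bind and search traffic unencrypted), where `server-identity-check` is disabled on a TLS entry, or where an explicitly set port differs from the default for the chosen method. The sample text, the `ldap_tls` entry and the function names are constructed for illustration; the defaults are the ones listed in the parameter table.

```python
# Constructed sample: based on the page's sample entry, plus a hypothetical TLS entry.
SAMPLE = """\
config user ldap
edit ldap_svr
set server 192.168.120.10
set secure disable
set port 389
next
edit ldap_tls
set server "ldap.example.com"
set secure ldaps
set server-identity-check disable
set port 389
next
end
"""

# Defaults and per-method default ports, taken from the parameter table on this page.
DEFAULTS = {"secure": "disable", "server-identity-check": "enable"}
METHOD_PORT = {"disable": "389", "starttls": "389", "ldaps": "636"}

def parse_ldap_entries(text):
    """Return {entry: {param: value}} for each edit block in 'config user ldap'."""
    entries, current, inside = {}, None, False
    for words in (line.split() for line in text.splitlines()):
        if words[:3] == ["config", "user", "ldap"]:
            inside = True
        elif not inside or not words:
            continue
        elif words[0] in ("next", "end"):
            # 'next' closes the entry, 'end' closes the whole config block.
            current, inside = None, words[0] == "next"
        elif words[0] == "edit" and len(words) > 1:
            current = entries.setdefault(words[1].strip('"'), dict(DEFAULTS))
        elif words[0] == "set" and len(words) > 1 and current is not None:
            # A 'set' with no value (e.g. 'set source-ip') is stored as "".
            current[words[1]] = " ".join(words[2:]).strip('"')
    return entries

def audit(entries):
    """Return sorted (entry, parameter) pairs that deserve review."""
    findings = set()
    for name, p in entries.items():
        if p["secure"] == "disable":
            findings.add((name, "secure"))  # no TLS: traffic is unencrypted
        elif p["server-identity-check"] == "disable":
            findings.add((name, "server-identity-check"))  # cert name not verified
        if "port" in p and p["port"] != METHOD_PORT.get(p["secure"]):
            findings.add((name, "port"))  # explicit port differs from method default
    return sorted(findings)
```

Calling `audit(parse_ldap_entries(SAMPLE))` reports `ldap_svr` for `secure` and `ldap_tls` for both `port` and `server-identity-check`.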