Configuring an LDAP server
FortiOS can be configured to use an LDAP server for authentication.
To configure an LDAP server on the FortiGate:
- Go to User & Authentication > LDAP Servers.
- Click Create New.
- Configure the following:
Name
This connection name is for reference within the FortiGate only.
Server IP/Name
LDAP server IP address or FQDN resolvable by the FortiGate.
Server Port
By default, LDAP uses port 389 and LDAPS uses 636. Use this field to specify a custom port if necessary.
Common Name Identifier
Attribute field of the object in LDAP that the FortiGate uses to identify the connecting user. The identifier is case sensitive. Common attributes are:
- cn (Common Name)
- sAMAccountName (SAMAccountName)
- uid (User ID)
Distinguished Name
Used to look up user account entries on the LDAP server. It reflects the hierarchy of LDAP database object classes above the CN identifier, that is, the part of the directory tree in which the lookup is performed.
Enter dc=COMPANY,dc=com to specify the root of the domain to include all objects.
Enter