CLI Reference

config user domain-controller

Configure domain controller entries.

    config user domain-controller
        Description: Configure domain controller entries.
        edit <name>
            set ad-mode [none|ds|...]
            set hostname {string}
            set username {string}
            set password {password}
            set ip-address {ipv4-address}
            set ip6 {ipv6-address}
            set port {integer}
            set source-ip-address {ipv4-address}
            set source-ip6 {ipv6-address}
            set source-port {integer}
            set interface-select-method [auto|sdwan|...]
            set interface {string}
            config extra-server
                Description: Extra servers.
                edit <id>
                    set ip-address {ipv4-address}
                    set port {integer}
                    set source-ip-address {ipv4-address}
                    set source-port {integer}
                next
            end
            set domain-name {string}
            set replication-port {integer}
            set ldap-server <name1>, <name2>, ...
            set dns-srv-lookup [enable|disable]
            set adlds-dn {string}
            set adlds-ip-address {ipv4-address}
            set adlds-ip6 {ipv6-address}
            set adlds-port {integer}
        next
    end

config user domain-controller

| Parameter | Description | Type | Size | Default |
|---|---|---|---|---|
| ad-mode | Set Active Directory mode. Options: none: The server is not configured as an Active Directory Domain Server (AD DS). ds: The server is configured as an Active Directory Domain Server (AD DS). lds: The server is an Active Directory Lightweight Domain Server (AD LDS). | option | - | none |
| hostname | Hostname of the server to connect to. | string | Maximum length: 255 | |
| username | User name to sign in with. Must have proper permissions for service. | string | Maximum length: 64 | |
| password | Password for specified username. | password | Not Specified | |
| ip-address | Domain controller IPv4 address. | ipv4-address | Not Specified | 0.0.0.0 |
| ip6 | Domain controller IPv6 address. | ipv6-address | Not Specified | :: |
| port | Port to be used for communication with the domain controller. | integer | Minimum value: 0 Maximum value: 65535 | 445 |
| source-ip-address | FortiGate IPv4 address to be used for communication with the domain controller. | ipv4-address | Not Specified | 0.0.0.0 |
| source-ip6 | FortiGate IPv6 address to be used for communication with the domain controller. | ipv6-address | Not Specified | :: |
| source-port | Source port to be used for communication with the domain controller. | integer | Minimum value: 0 Maximum value: 65535 | 0 |
| interface-select-method | Specify how to select outgoing interface to reach server. Options: auto: Set outgoing interface automatically. sdwan: Set outgoing interface by SD-WAN or policy routing rules. specify: Set outgoing interface manually. | option | - | auto |
| interface | Specify outgoing interface to reach server. | string | Maximum length: 15 | |
| domain-name | Domain DNS name. | string | Maximum length: 255 | |
| replication-port | Port to be used for communication with the domain controller for replication service. Port number 0 indicates automatic discovery. | integer | Minimum value: 0 Maximum value: 65535 | 0 |
| ldap-server <name> | LDAP server name(s). LDAP server name. | string | Maximum length: 79 | |
| dns-srv-lookup | Enable/disable DNS service lookup. Options: enable: Enable DNS service lookup. disable: Disable DNS service lookup. | option | - | disable |
| adlds-dn | AD LDS distinguished name. | string | Maximum length: 255 | |
| adlds-ip-address | AD LDS IPv4 address. | ipv4-address | Not Specified | 0.0.0.0 |
| adlds-ip6 | AD LDS IPv6 address. | ipv6-address | Not Specified | :: |
| adlds-port | Port number of AD LDS service. | integer | Minimum value: 0 Maximum value: 65535 | 389 |

config extra-server

| Parameter | Description | Type | Size | Default |
|---|---|---|---|---|
| ip-address | Domain controller IP address. | ipv4-address | Not Specified | 0.0.0.0 |
| port | Port to be used for communication with the domain controller. | integer | Minimum value: 0 Maximum value: 65535 | 445 |
| source-ip-address | FortiGate IPv4 address to be used for communication with the domain controller. | ipv4-address | Not Specified | 0.0.0.0 |
| source-port | Source port to be used for communication with the domain controller. | integer | Minimum value: 0 Maximum value: 65535 | 0 |
