Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    7.2.4
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config user exchange

    config user exchange

    Configure MS Exchange server entries.

    config user exchange
    Description: Configure MS Exchange server entries.
    edit <name>
        set auth-level [connect|call|...]
        set auth-type [spnego|ntlm|...]
        set auto-discover-kdc [enable|disable]
        set connect-protocol [rpc-over-tcp|rpc-over-http|...]
        set domain-name {string}
        set http-auth-type [basic|ntlm]
        set ip {ipv4-address-any}
        set kdc-ip <ipv41>, <ipv42>, ...
        set password {password}
        set server-name {string}
        set ssl-min-proto-version [default|SSLv3|...]
        set username {string}
    next
end

    config user exchange

    Parameter

    Description

    Type

    Size

    Default

    auth-level

    Authentication security level used for the RPC protocol layer.

    option

    -

    privacy

    Option

    Description

    connect

    RPC authentication level 'connect'.

    call

    RPC authentication level 'call'.

    packet

    RPC authentication level 'packet'.

    integrity

    RPC authentication level 'integrity'.

    privacy

    RPC authentication level 'privacy'.

    auth-type

    Authentication security type used for the RPC protocol layer.

    option

    -

    kerberos

    Option

    Description

    spnego

    Negotiate authentication.

    ntlm

    NTLM authentication.

    kerberos

    Kerberos authentication.

    auto-discover-kdc

    Enable/disable automatic discovery of KDC IP addresses.

    option

    -

    enable

    Option

    Description

    enable

    Enable automatic discovery of KDC IP addresses.

    disable

    Disable automatic discovery of KDC IP addresses.

    connect-protocol

    Connection protocol used to connect to MS Exchange service.

    option

    -

    rpc-over-https

    Option

    Description

    rpc-over-tcp

    Connect using RPC-over-TCP. Use for MS Exchange 2010 and earlier versions. Supported in MS Exchange 2013.

    rpc-over-http

    Connect using RPC-over-HTTP. Use for MS Exchange 2016 and later versions. Supported in MS Exchange 2013.

    rpc-over-https

    Connect using RPC-over-HTTPS. Use for MS Exchange 2016 and later versions. Supported in MS Exchange 2013.

    domain-name

    MS Exchange server fully qualified domain name.

    string

    Maximum length: 79

    http-auth-type

    Authentication security type used for the HTTP transport.

    option

    -

    ntlm

    Option

    Description

    basic

    Basic HTTP authentication.

    ntlm

    NTLM HTTP authentication.

    ip

    Server IPv4 address.

    ipv4-address-any

    Not Specified

    0.0.0.0

    kdc-ip <ipv4>

    KDC IPv4 addresses for Kerberos authentication.

    KDC IPv4 addresses for Kerberos authentication.

    string

    Maximum length: 79

    name

    MS Exchange server entry name.

    string

    Maximum length: 35

    password

    Password for the specified username.

    password

    Not Specified

    server-name

    MS Exchange server hostname.

    string

    Maximum length: 63

    ssl-min-proto-version

    Minimum SSL/TLS protocol version for HTTPS transport.

    option

    -

    default

    Option

    Description

    default

    Follow system global setting.

    SSLv3

    SSLv3.

    TLSv1

    TLSv1.

    TLSv1-1

    TLSv1.1.

    TLSv1-2

    TLSv1.2.

    username

    User name used to sign in to the server. Must have proper permissions for service.

    string

    Maximum length: 64

    Previous
    Next

    config user exchange

    config user exchange

    Configure MS Exchange server entries.

    config user exchange
    Description: Configure MS Exchange server entries.
    edit <name>
        set auth-level [connect|call|...]
        set auth-type [spnego|ntlm|...]
        set auto-discover-kdc [enable|disable]
        set connect-protocol [rpc-over-tcp|rpc-over-http|...]
        set domain-name {string}
        set http-auth-type [basic|ntlm]
        set ip {ipv4-address-any}
        set kdc-ip <ipv41>, <ipv42>, ...
        set password {password}
        set server-name {string}
        set ssl-min-proto-version [default|SSLv3|...]
        set username {string}
    next
end

    config user exchange

    Parameter

    Description

    Type

    Size

    Default

    auth-level

    Authentication security level used for the RPC protocol layer.

    option

    -

    privacy

    Option

    Description

    connect

    RPC authentication level 'connect'.

    call

    RPC authentication level 'call'.

    packet

    RPC authentication level 'packet'.

    integrity

    RPC authentication level 'integrity'.

    privacy

    RPC authentication level 'privacy'.

    auth-type

    Authentication security type used for the RPC protocol layer.

    option

    -

    kerberos

    Option

    Description

    spnego

    Negotiate authentication.

    ntlm

    NTLM authentication.

    kerberos

    Kerberos authentication.

    auto-discover-kdc

    Enable/disable automatic discovery of KDC IP addresses.

    option

    -

    enable

    Option

    Description

    enable

    Enable automatic discovery of KDC IP addresses.

    disable

    Disable automatic discovery of KDC IP addresses.

    connect-protocol

    Connection protocol used to connect to MS Exchange service.

    option

    -

    rpc-over-https

    Option

    Description

    rpc-over-tcp

    Connect using RPC-over-TCP. Use for MS Exchange 2010 and earlier versions. Supported in MS Exchange 2013.

    rpc-over-http

    Connect using RPC-over-HTTP. Use for MS Exchange 2016 and later versions. Supported in MS Exchange 2013.

    rpc-over-https

    Connect using RPC-over-HTTPS. Use for MS Exchange 2016 and later versions. Supported in MS Exchange 2013.

    domain-name

    MS Exchange server fully qualified domain name.

    string

    Maximum length: 79

    http-auth-type

    Authentication security type used for the HTTP transport.

    option

    -

    ntlm

    Option

    Description

    basic

    Basic HTTP authentication.

    ntlm

    NTLM HTTP authentication.

    ip

    Server IPv4 address.

    ipv4-address-any

    Not Specified

    0.0.0.0

    kdc-ip <ipv4>

    KDC IPv4 addresses for Kerberos authentication.

    KDC IPv4 addresses for Kerberos authentication.

    string

    Maximum length: 79

    name

    MS Exchange server entry name.

    string

    Maximum length: 35

    password

    Password for the specified username.

    password

    Not Specified

    server-name

    MS Exchange server hostname.

    string

    Maximum length: 63

    ssl-min-proto-version

    Minimum SSL/TLS protocol version for HTTPS transport.

    option

    -

    default

    Option

    Description

    default

    Follow system global setting.

    SSLv3

    SSLv3.

    TLSv1

    TLSv1.

    TLSv1-1

    TLSv1.1.

    TLSv1-2

    TLSv1.2.

    username

    User name used to sign in to the server. Must have proper permissions for service.

    string

    Maximum length: 64

    Previous
    Next