Fortinet black logo

CLI Reference

ms365 account

ms365 account

Use this command to connect to Microsoft 365 to access the user mailboxes. You must have domain administrator privileges to access Microsoft 365.

Syntax

config ms365 account

edit <name>

config user-filter

edit <name>

set ad-group-attr {custom | displayname | mail}

set ad-group-attr-name <string>

set ad-group-attr-value <string>

set email-group <group_name>

set ldap-group <string>

set ldap-profile <profile_name>

set pattern <string>

set status {enable | disable}

set type {ad-group | email-group | imported-user | ldap-group | regex | wildcard}

next

end

set application-id <string>

set application-secret <password>

set description <string>

set service-endpoint {china | germany | global | us-dod | us-gov}

set tenant <password>

end

Variable

Description

Default

<name>

Enter the name of the account profile.

ad-group-attr {custom | displayname | mail}

Note: This option is only available when type is set to ad-group.

Select the Azure AD group attribute.

displayname

ad-group-attr-name <string>

Note: This option is only available when type is set to ad-group and ad-group-attr is set to custom.

Enter the custom Azure AD group attribute name.

ad-group-attr-value <string>

Note: This option is only available when type is set to ad-group.

Enter the Azure AD group attribute value.

application-id <string>

Enter the application ID.

application-secret <password>

Enter the application secret/password.

description <string>

Enter a brief description of the account.

email-group <group_name>

Note: This option is only available when type is set to email-group.

Select an email group.

ldap-group <string>

Note: This option is only available when type is set to ldap-group.

Enter the LDAP group name.

ldap-profile <profile_name>

Note: This option is only available when type is set to ldap-group.

Select an LDAP group profile.

pattern <string>

Note: This option is only available when type is set to regex or wildcard.

Enter the user pattern.

service-endpoint {china | germany | global | us-dod | us-gov}

Select a regional endpoint appropriate to your geographical location.

global

status {enable | disable}

Enable or disable this user filter.

disable

tenant <password>

Enter the Microsoft 365 tenant credentials.

type {ad-group | email-group | imported-user | ldap-group | regex | wildcard}

Define the filter type as one of the following:

  • ad-group: Azure AD group.

  • email-group: Email group.

  • imported-user: Imported internal or external user.

  • ldap-group: LDAP group.

  • regex: User as regular expression.

  • wildcard: User as wildcard.

wildcard

ms365 account

Use this command to connect to Microsoft 365 to access the user mailboxes. You must have domain administrator privileges to access Microsoft 365.

Syntax

config ms365 account

edit <name>

config user-filter

edit <name>

set ad-group-attr {custom | displayname | mail}

set ad-group-attr-name <string>

set ad-group-attr-value <string>

set email-group <group_name>

set ldap-group <string>

set ldap-profile <profile_name>

set pattern <string>

set status {enable | disable}

set type {ad-group | email-group | imported-user | ldap-group | regex | wildcard}

next

end

set application-id <string>

set application-secret <password>

set description <string>

set service-endpoint {china | germany | global | us-dod | us-gov}

set tenant <password>

end

Variable

Description

Default

<name>

Enter the name of the account profile.

ad-group-attr {custom | displayname | mail}

Note: This option is only available when type is set to ad-group.

Select the Azure AD group attribute.

displayname

ad-group-attr-name <string>

Note: This option is only available when type is set to ad-group and ad-group-attr is set to custom.

Enter the custom Azure AD group attribute name.

ad-group-attr-value <string>

Note: This option is only available when type is set to ad-group.

Enter the Azure AD group attribute value.

application-id <string>

Enter the application ID.

application-secret <password>

Enter the application secret/password.

description <string>

Enter a brief description of the account.

email-group <group_name>

Note: This option is only available when type is set to email-group.

Select an email group.

ldap-group <string>

Note: This option is only available when type is set to ldap-group.

Enter the LDAP group name.

ldap-profile <profile_name>

Note: This option is only available when type is set to ldap-group.

Select an LDAP group profile.

pattern <string>

Note: This option is only available when type is set to regex or wildcard.

Enter the user pattern.

service-endpoint {china | germany | global | us-dod | us-gov}

Select a regional endpoint appropriate to your geographical location.

global

status {enable | disable}

Enable or disable this user filter.

disable

tenant <password>

Enter the Microsoft 365 tenant credentials.

type {ad-group | email-group | imported-user | ldap-group | regex | wildcard}

Define the filter type as one of the following:

  • ad-group: Azure AD group.

  • email-group: Email group.

  • imported-user: Imported internal or external user.

  • ldap-group: LDAP group.

  • regex: User as regular expression.

  • wildcard: User as wildcard.

wildcard