Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiMail 7.6.0 CLI Reference
    7.6.0
    7.6.1
    7.6.0
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.0
    6.0.4
    6.0.3
    6.0.1
    6.0.0

    profile ldap-sync

    profile ldap-sync

    Use this command to configure synchronization with your directory server via LDAP. Synchronization can be regularly scheduled, or on demand.

    Each contact is identified by its email address. If a new contact is created on the directory server, then synchronization adds it to the address book. If the same contact already exists in the address book, then synchronization updates it with current data from the directory server. If the contact does not exist on the directory server, then synchronization deletes that contact from the address book.

    This command is only available if either:

    Syntax

    config profile ldap-sync

    edit <profile_name>

    [set description "<description_str>"]

    set status {enable | disable}

    set domain <protected-domain_name>

    set ldap-profile <profile_name>

    set mapping <profile_name>

    set sync-mode {full | incremental}

    set recurrence {daily | month | none | weekly}

    set schedule-hour {0..23}

    {set schedule-weekday {monday | tuesday | wednesday | thursday | friday | saturday | sunday}

    set schedule-date {1..31} }

    end

    Variable

    Description

    Default

    <profile_name>

    Enter the name of the profile.

    description "<description_str>"

    Enter a description or comment.

    domain <protected-domain_name>

    Select the protected domain whose address book you want to synchronize, or leave this setting empty to synchronize the global address book (system).

    Note: Once the LDAP synchronization task is created, this selection cannot be changed.

    ldap-profile <profile_name>

    Select an LDAP profile that defines the base query and connection to the directory server.

    mapping <profile_name>

    Select an LDAP attribute-to-address-book mapping that defines which contact information will be synchronized.

    recurrence {daily | month | none | weekly}

    Select the time interval between each LDAP synchronization.

    If you select none, then you can use this profile to import the address book from the directory server at any time, on demand. For details, see the FortiMail Administration Guide.

    Otherwise, select when FortiMail automatically synchronizes: also configure schedule-hour {0..23}, schedule-weekday {monday | tuesday | wednesday | thursday | friday | saturday | sunday}, and schedule-date {1..31}.

    none

    schedule-date {1..31}

    Enter the day of the month when LDAP synchronization will occur.

    This setting is available only when recurrence {daily | month | none | weekly} is monthly.

    schedule-hour {0..23}

    Enter the hour of the day, according to a 24-hour clock, when LDAP synchronization will occur.

    1

    schedule-weekday {monday | tuesday | wednesday | thursday | friday | saturday | sunday}

    Enter the day of the week when LDAP synchronization will occur.

    This setting is available only when recurrence {daily | month | none | weekly} is weekly.

    status {enable | disable}

    Enable or disable this LDAP synchronization task.

    enable

    sync-mode {full | incremental}

    Select how much to synchronize from the directory to the address book, either:

    • full — All data that matches the LDAP query and has an address book mapping.

    • incremental — Only data that changed since the most recent synchronization.

    For example, you might have both a daily incremental sync task (it's smaller, so it can run every night), and also a full sync task (it runs every weekend).

    incremental

    Related topics

    profile ldap

    profile ldap-mapping

    Previous
    Next

    profile ldap-sync

    profile ldap-sync

    Use this command to configure synchronization with your directory server via LDAP. Synchronization can be regularly scheduled, or on demand.

    Each contact is identified by its email address. If a new contact is created on the directory server, then synchronization adds it to the address book. If the same contact already exists in the address book, then synchronization updates it with current data from the directory server. If the contact does not exist on the directory server, then synchronization deletes that contact from the address book.

    This command is only available if either:

    Syntax

    config profile ldap-sync

    edit <profile_name>

    [set description "<description_str>"]

    set status {enable | disable}

    set domain <protected-domain_name>

    set ldap-profile <profile_name>

    set mapping <profile_name>

    set sync-mode {full | incremental}

    set recurrence {daily | month | none | weekly}

    set schedule-hour {0..23}

    {set schedule-weekday {monday | tuesday | wednesday | thursday | friday | saturday | sunday}

    set schedule-date {1..31} }

    end

    Variable

    Description

    Default

    <profile_name>

    Enter the name of the profile.

    description "<description_str>"

    Enter a description or comment.

    domain <protected-domain_name>

    Select the protected domain whose address book you want to synchronize, or leave this setting empty to synchronize the global address book (system).

    Note: Once the LDAP synchronization task is created, this selection cannot be changed.

    ldap-profile <profile_name>

    Select an LDAP profile that defines the base query and connection to the directory server.

    mapping <profile_name>

    Select an LDAP attribute-to-address-book mapping that defines which contact information will be synchronized.

    recurrence {daily | month | none | weekly}

    Select the time interval between each LDAP synchronization.

    If you select none, then you can use this profile to import the address book from the directory server at any time, on demand. For details, see the FortiMail Administration Guide.

    Otherwise, select when FortiMail automatically synchronizes: also configure schedule-hour {0..23}, schedule-weekday {monday | tuesday | wednesday | thursday | friday | saturday | sunday}, and schedule-date {1..31}.

    none

    schedule-date {1..31}

    Enter the day of the month when LDAP synchronization will occur.

    This setting is available only when recurrence {daily | month | none | weekly} is monthly.

    schedule-hour {0..23}

    Enter the hour of the day, according to a 24-hour clock, when LDAP synchronization will occur.

    1

    schedule-weekday {monday | tuesday | wednesday | thursday | friday | saturday | sunday}

    Enter the day of the week when LDAP synchronization will occur.

    This setting is available only when recurrence {daily | month | none | weekly} is weekly.

    status {enable | disable}

    Enable or disable this LDAP synchronization task.

    enable

    sync-mode {full | incremental}

    Select how much to synchronize from the directory to the address book, either:

    • full — All data that matches the LDAP query and has an address book mapping.

    • incremental — Only data that changed since the most recent synchronization.

    For example, you might have both a daily incremental sync task (it's smaller, so it can run every night), and also a full sync task (it runs every weekend).

    incremental

    Related topics

    profile ldap

    profile ldap-mapping

    Previous
    Next