Fortinet white logo
Fortinet white logo

CLI Reference

config user exchange

config user exchange

Configure MS Exchange server entries.

config user exchange
    Description: Configure MS Exchange server entries.
    edit <name>
        set auth-level [connect|call|...]
        set auth-type [spnego|ntlm|...]
        set auto-discover-kdc [enable|disable]
        set connect-protocol [rpc-over-tcp|rpc-over-http|...]
        set domain-name {string}
        set http-auth-type [basic|ntlm]
        set ip {ipv4-address-any}
        set kdc-ip <ipv41>, <ipv42>, ...
        set password {password}
        set server-name {string}
        set ssl-min-proto-version [default|SSLv3|...]
        set username {string}
    next
end

config user exchange

Parameter

Description

Type

Size

Default

auth-level

Authentication security level used for the RPC protocol layer.

option

-

privacy

Option

Description

connect

RPC authentication level 'connect'.

call

RPC authentication level 'call'.

packet

RPC authentication level 'packet'.

integrity

RPC authentication level 'integrity'.

privacy

RPC authentication level 'privacy'.

auth-type

Authentication security type used for the RPC protocol layer.

option

-

kerberos

Option

Description

spnego

Negotiate authentication.

ntlm

NTLM authentication.

kerberos

Kerberos authentication.

auto-discover-kdc

Enable/disable automatic discovery of KDC IP addresses.

option

-

enable

Option

Description

enable

Enable automatic discovery of KDC IP addresses.

disable

Disable automatic discovery of KDC IP addresses.

connect-protocol

Connection protocol used to connect to MS Exchange service.

option

-

rpc-over-https

Option

Description

rpc-over-tcp

Connect using RPC-over-TCP. Use for MS Exchange 2010 and earlier versions. Supported in MS Exchange 2013.

rpc-over-http

Connect using RPC-over-HTTP. Use for MS Exchange 2016 and later versions. Supported in MS Exchange 2013.

rpc-over-https

Connect using RPC-over-HTTPS. Use for MS Exchange 2016 and later versions. Supported in MS Exchange 2013.

domain-name

MS Exchange server fully qualified domain name.

string

Maximum length: 79

http-auth-type

Authentication security type used for the HTTP transport.

option

-

ntlm

Option

Description

basic

Basic HTTP authentication.

ntlm

NTLM HTTP authentication.

ip

Server IPv4 address.

ipv4-address-any

Not Specified

0.0.0.0

kdc-ip <ipv4>

KDC IPv4 addresses for Kerberos authentication.

KDC IPv4 addresses for Kerberos authentication.

string

Maximum length: 79

name

MS Exchange server entry name.

string

Maximum length: 35

password

Password for the specified username.

password

Not Specified

server-name

MS Exchange server hostname.

string

Maximum length: 63

ssl-min-proto-version

Minimum SSL/TLS protocol version for HTTPS transport.

option

-

default

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

TLSv1-3

TLSv1.3.

username

User name used to sign in to the server. Must have proper permissions for service.

string

Maximum length: 64

config user exchange

config user exchange

Configure MS Exchange server entries.

config user exchange
    Description: Configure MS Exchange server entries.
    edit <name>
        set auth-level [connect|call|...]
        set auth-type [spnego|ntlm|...]
        set auto-discover-kdc [enable|disable]
        set connect-protocol [rpc-over-tcp|rpc-over-http|...]
        set domain-name {string}
        set http-auth-type [basic|ntlm]
        set ip {ipv4-address-any}
        set kdc-ip <ipv41>, <ipv42>, ...
        set password {password}
        set server-name {string}
        set ssl-min-proto-version [default|SSLv3|...]
        set username {string}
    next
end

config user exchange

Parameter

Description

Type

Size

Default

auth-level

Authentication security level used for the RPC protocol layer.

option

-

privacy

Option

Description

connect

RPC authentication level 'connect'.

call

RPC authentication level 'call'.

packet

RPC authentication level 'packet'.

integrity

RPC authentication level 'integrity'.

privacy

RPC authentication level 'privacy'.

auth-type

Authentication security type used for the RPC protocol layer.

option

-

kerberos

Option

Description

spnego

Negotiate authentication.

ntlm

NTLM authentication.

kerberos

Kerberos authentication.

auto-discover-kdc

Enable/disable automatic discovery of KDC IP addresses.

option

-

enable

Option

Description

enable

Enable automatic discovery of KDC IP addresses.

disable

Disable automatic discovery of KDC IP addresses.

connect-protocol

Connection protocol used to connect to MS Exchange service.

option

-

rpc-over-https

Option

Description

rpc-over-tcp

Connect using RPC-over-TCP. Use for MS Exchange 2010 and earlier versions. Supported in MS Exchange 2013.

rpc-over-http

Connect using RPC-over-HTTP. Use for MS Exchange 2016 and later versions. Supported in MS Exchange 2013.

rpc-over-https

Connect using RPC-over-HTTPS. Use for MS Exchange 2016 and later versions. Supported in MS Exchange 2013.

domain-name

MS Exchange server fully qualified domain name.

string

Maximum length: 79

http-auth-type

Authentication security type used for the HTTP transport.

option

-

ntlm

Option

Description

basic

Basic HTTP authentication.

ntlm

NTLM HTTP authentication.

ip

Server IPv4 address.

ipv4-address-any

Not Specified

0.0.0.0

kdc-ip <ipv4>

KDC IPv4 addresses for Kerberos authentication.

KDC IPv4 addresses for Kerberos authentication.

string

Maximum length: 79

name

MS Exchange server entry name.

string

Maximum length: 35

password

Password for the specified username.

password

Not Specified

server-name

MS Exchange server hostname.

string

Maximum length: 63

ssl-min-proto-version

Minimum SSL/TLS protocol version for HTTPS transport.

option

-

default

Option

Description

default

Follow system global setting.

SSLv3

SSLv3.

TLSv1

TLSv1.

TLSv1-1

TLSv1.1.

TLSv1-2

TLSv1.2.

TLSv1-3

TLSv1.3.

username

User name used to sign in to the server. Must have proper permissions for service.

string

Maximum length: 64