Fortinet FortiGate Series Administration Manual page 659


User
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
Binding is said to occur when the LDAP server successfully authenticates the user and
allows the user access to the LDAP server based on his or her permissions.
You can configure the FortiGate unit to use one of three types of binding:
anonymous - bind using anonymous user search
regular - bind using user name/password and then search
simple - bind using a simple password authentication without a search.
You can use simple authentication if the user records all fall under one dn. If the users are
under more than one dn, use the anonymous or regular type, which can search the entire
LDAP database for the required user name.
If your LDAP server requires authentication to perform searches, use the regular type and
provide values for user name and password.
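The three binding types differ in which LDAP operations are sent before the user's own password is checked. The sketch below is an added example, not FortiGate code: it models each type as an ordered list of operations and escapes the user name before it is placed in a DN or a search filter. It assumes that the simple type forms the bind DN as the common name identifier, the user name, and the distinguished name joined together; the directory layout and account names are constructed.

```python
# Added illustration: a model of the three bind types, not FortiGate code.
# Assumption: "simple" builds the bind DN as <cnid>=<user>,<dn>.

def escape_dn_value(value):
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        if ch in '"+,;<>\\' or (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " "):
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        else:
            out.append(ch)
    return "".join(out)

def escape_filter_value(value):
    """Escape an assertion value for a search filter (RFC 4515)."""
    table = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}
    return "".join(table.get(ch, ch) for ch in value)

def plan_bind(bind_type, cnid, base_dn, user, search_account=None):
    """Return the ordered LDAP operations needed to authenticate `user`."""
    if bind_type == "simple":
        # No search: every user record must sit directly under base_dn.
        return [("bind", f"{cnid}={escape_dn_value(user)},{base_dn}")]
    if bind_type == "anonymous":
        first = ("bind", "")  # empty DN = anonymous bind
    elif bind_type == "regular":
        if not search_account:
            raise ValueError("regular binding needs a search account DN")
        first = ("bind", search_account)
    else:
        raise ValueError(f"unknown bind type: {bind_type}")
    search = ("search", base_dn, f"({cnid}={escape_filter_value(user)})")
    # Final step binds as whatever DN the subtree search returned.
    return [first, search, ("bind", "<DN returned by search>")]

# Constructed sample directory layout and account names.
BASE = "ou=staff,dc=example,dc=com"
if __name__ == "__main__":
    for kind in ("simple", "anonymous", "regular"):
        print(kind, plan_bind(kind, "cn", BASE, "jsmith",
                              "cn=svc-fgt,ou=service,dc=example,dc=com"))
```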
To add an LDAP server, go to User > Remote > LDAP and select Create New. Enter the
information below and select OK.
Figure 407: LDAP server configuration
Name: Enter the name that identifies the LDAP server on the FortiGate unit.
Server Name/IP: Enter the domain name or IP address of the LDAP server.
Server Port: Enter the TCP port used to communicate with the LDAP server. By default, LDAP uses port 389. If you use a secure LDAP server, the default port changes when you select Secure Connection.
Common Name Identifier: Enter the common name identifier for the LDAP server. The maximum number of characters is 20.
Distinguished Name: Enter the base distinguished name for the server using the correct X.500 or LDAP format. The FortiGate unit passes this distinguished name unchanged to the server. The maximum number of characters is 512.
Query