Creating the LDAP directory tree on the FortiAuthenticator
- Go to Authentication > LDAP Service > Directory Tree, and create a Distinguished Name (DN). A DN is made up of Domain Components (DC).
Both the users and user group created earlier are the User ID (UID) and the Common Name (CN) in the LDAP Directory Tree.
Create an Organizational Unit (OU), and a Common Name (CN). Under the cn=HeadOffice entry, add UIDs for the users.
If you mouse over a user, you will see the full DN of the LDAP server.
Later, you will use jgarrick on the FortiGate to query the LDAP directory tree on FortiAuthenticator, and you will use bwayne credentials to connect to the VPN tunnel.