Fortinet Document Library

Version:


Table of Contents

Cookbook

6.0.0
Download PDF
Copy Link

Configuring LDAP on the FortiAuthenticator

Now you can finish the LDAPS configuration using client authentication through certificate.

  1. Go to AuthenticationRemote Auth. ServersLDAPCreate New.

  2. Enter a name.
  3. For Primary server name/IP enter ldap.google.com, and set the port to 636.
  4. Enter the base distinguished name.
  5. For the Username attribute, enter uid.
  6. Select the option to obtain group memberships from Group attribute.
  7. Enable Secure Connection and select either LDAPS or STARTTLS as the Protocol, and select the Google CA certificate.
  8. Enable Use Client Certificate for TLS Authentication, and select the LDAP certificate.

  9. Select OK.

    If required, you can now import users by clicking the Go button next to the Import users dropdown. This is not a required step, but can be done in cases where you want to include additional information to their accounts or assign FortiTokens.

Configuring LDAP on the FortiAuthenticator

Now you can finish the LDAPS configuration using client authentication through certificate.

  1. Go to AuthenticationRemote Auth. ServersLDAPCreate New.

  2. Enter a name.
  3. For Primary server name/IP enter ldap.google.com, and set the port to 636.
  4. Enter the base distinguished name.
  5. For the Username attribute, enter uid.
  6. Select the option to obtain group memberships from Group attribute.
  7. Enable Secure Connection and select either LDAPS or STARTTLS as the Protocol, and select the Google CA certificate.
  8. Enable Use Client Certificate for TLS Authentication, and select the LDAP certificate.

  9. Select OK.

    If required, you can now import users by clicking the Go button next to the Import users dropdown. This is not a required step, but can be done in cases where you want to include additional information to their accounts or assign FortiTokens.