Fortinet black logo

Cookbook

Creating the LDAP directory tree on the FortiAuthenticator

Copy Link
Copy Doc ID 502fabff-dbf1-11ea-96b9-00505692583a:396368
Download PDF

Creating the LDAP directory tree on the FortiAuthenticator

To create the LDAP directory tree:
  1. Go to Authentication > LDAP Service > Directory Tree, and create a Distinguished Name (DN). A DN is made up of Domain Components (DC).
  2. Both the users and user group created earlier are the User ID (UID) and the Common Name (CN) in the LDAP Directory Tree.

    Create an Organizational Unit (OU), and a Common Name (CN). Under the cn=HeadOffice entry, add UIDs for the users.

    If you mouse over a user, you will see the full DN of the LDAP server.

    Later, you will use jgarrick on the FortiGate to query the LDAP directory tree on FortiAuthenticator, and you will use bwayne credentials to connect to the VPN tunnel.

Creating the LDAP directory tree on the FortiAuthenticator

To create the LDAP directory tree:
  1. Go to Authentication > LDAP Service > Directory Tree, and create a Distinguished Name (DN). A DN is made up of Domain Components (DC).
  2. Both the users and user group created earlier are the User ID (UID) and the Common Name (CN) in the LDAP Directory Tree.

    Create an Organizational Unit (OU), and a Common Name (CN). Under the cn=HeadOffice entry, add UIDs for the users.

    If you mouse over a user, you will see the full DN of the LDAP server.

    Later, you will use jgarrick on the FortiGate to query the LDAP directory tree on FortiAuthenticator, and you will use bwayne credentials to connect to the VPN tunnel.