LDAP is an Internet protocol used to maintain authentication data that may include departments, people, groups of people, passwords, email addresses, and printers. LDAP consists of a data-representation scheme, a set of defined operations, and a request/response network protocol.
An LDAP client can request a number of operations, such as search, compare, and adding or deleting an entry. Binding is the operation where the LDAP server authenticates the user. If the user is successfully authenticated, binding allows the user access to the LDAP server based on the user’s permissions.
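The bind operation described above, shown at the byte level. This is an added example, not part of the original documentation or any vendor code: it encodes and decodes an LDAPv3 simple BindRequest as laid out in RFC 4511, and shows that the bind DN and password are carried as plain octet strings, so confidentiality has to come from the connection (LDAPS or StartTLS). The function names, DN and password are constructed for illustration.

```python
# Added example (not from the original page): BER layout of an LDAPv3
# simple bind per RFC 4511. DN and password below are constructed samples.
def tlv(tag, value):
    """Encode one BER element with a definite length."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + value

def read_tlv(buf, pos=0):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n & 0x80:  # long form: low 7 bits give the number of length octets
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + n], pos + n

def ber_int(i):
    """Encode a non-negative INTEGER (tag 0x02)."""
    return tlv(0x02, i.to_bytes(i.bit_length() // 8 + 1, "big"))

def build_simple_bind(msg_id, dn, password):
    """LDAPMessage { messageID, [APPLICATION 0] BindRequest }."""
    body = ber_int(3) + tlv(0x04, dn.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, ber_int(msg_id) + tlv(0x60, body))

def parse_bind_request(message):
    """Return the fields a simple bind carries in the clear."""
    tag, seq, _ = read_tlv(message)
    _, msg_id, pos = read_tlv(seq)
    op_tag, op, _ = read_tlv(seq, pos)
    if tag != 0x30 or op_tag != 0x60:
        raise ValueError("not an LDAP BindRequest")
    _, version, pos = read_tlv(op)
    _, name, pos = read_tlv(op, pos)
    auth_tag, cred, _ = read_tlv(op, pos)
    simple = auth_tag == 0x80  # [0] simple; [3] (0xA3) would be SASL
    return {"message_id": int.from_bytes(msg_id, "big"),
            "version": int.from_bytes(version, "big"), "bind_dn": name.decode(),
            "simple": simple, "password": cred.decode() if simple else None}

if __name__ == "__main__":  # constructed sample DN and password
    wire = build_simple_bind(1, "uid=jdoe,ou=people,dc=example,dc=com", "s3cret")
    print(wire.hex(), parse_bind_request(wire))
```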
This section contains the following topics:
- Directory tree overview
- Creating the directory tree
- Configuring a FortiGate unit for FortiAuthenticator LDAP
For users, the
For user groups, the
Email addresses and alternative email addresses can be configured for the local user settings in Authentication > User Management > Local Users.