Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    CLI Reference

    7.6.4
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.0
    6.0.4
    6.0.3
    6.0.1
    6.0.0

    system encryption ibe-auth

    system encryption ibe-auth

    When recipients of email from the IBE domains receive a secure mail notification:

    • recipients without LDAP authentication profiles must register to view the email.
    • recipients with LDAP authentication profiles do not need to register. They can simply log in because the FortiMail unit can query the LDAP servers for authentication.

    In both cases, the FortiMail unit will record the domain names of the recipients who register or authenticate with it on User > IBE User > IBE Domain.

    Use this command to bind domains with LDAP authentication profiles with which the FortiMail unit can query the LDAP servers for authentication, email address mappings, and more. For more information about LDAP profiles, see profile ldap.

    Syntax

    config system encryption ibe-auth

    edit <profile_index>

    set status {enable | disable}

    set ldap-profile <profile_name>

    set domain-pattern <domain_pattern>

    end

    Variable

    Description

    Default

    <profile_index>

    Enter a table ID.

    domain-pattern <domain_pattern>

    Enter a domain name that you want to bind to an LDAP authentication profile.

    If you want all IBE users to authenticate through an LDAP profile and do not want other users to be able to register on FortiMail, you can use a wildcard * for the domain name and then bind it to an LDAP profile.

    ldap-profile <profile_name>

    Enter a profile name from the available LDAP profile list, which you want to use to authenticate the domain users.

    status {enable | disable}

    Enable or disable the rule.

    disable

    Related topics

    profile ldap

    system encryption ibe

    Previous
    Next

    system encryption ibe-auth

    system encryption ibe-auth

    When recipients of email from the IBE domains receive a secure mail notification:

    • recipients without LDAP authentication profiles must register to view the email.
    • recipients with LDAP authentication profiles do not need to register. They can simply log in because the FortiMail unit can query the LDAP servers for authentication.

    In both cases, the FortiMail unit will record the domain names of the recipients who register or authenticate with it on User > IBE User > IBE Domain.

    Use this command to bind domains with LDAP authentication profiles with which the FortiMail unit can query the LDAP servers for authentication, email address mappings, and more. For more information about LDAP profiles, see profile ldap.

    Syntax

    config system encryption ibe-auth

    edit <profile_index>

    set status {enable | disable}

    set ldap-profile <profile_name>

    set domain-pattern <domain_pattern>

    end

    Variable

    Description

    Default

    <profile_index>

    Enter a table ID.

    domain-pattern <domain_pattern>

    Enter a domain name that you want to bind to an LDAP authentication profile.

    If you want all IBE users to authenticate through an LDAP profile and do not want other users to be able to register on FortiMail, you can use a wildcard * for the domain name and then bind it to an LDAP profile.

    ldap-profile <profile_name>

    Enter a profile name from the available LDAP profile list, which you want to use to authenticate the domain users.

    status {enable | disable}

    Enable or disable the rule.

    disable

    Related topics

    profile ldap

    system encryption ibe

    Previous
    Next