2.0.2

Configuring an LDAP server

This section provides steps on how to configure an LDAP server in a FortiProxy unit and how to map LDAP users in a policy.

To configure the FortiProxy unit for LDAP authentication using the GUI:
  1. Go to User & Device > LDAP Servers and select Create New.
  2. In the Name field, enter a name for the LDAP server.
  3. In the Server IP/Name field, enter the server’s FQDN or IP address.
  4. If necessary, change the server port number. The default is port 389.
  5. Enter the Common Name Identifier (20 characters maximum).
    cn is the default, but most users will use SAMAccountName. cn is the common name (a display name), whereas SAMAccountName is the logon name on a Windows LDAP server.
  6. Next to the Distinguished Name field, select Browse and select the main domain. (You can select the domain after the user name and password are entered in steps 8 and 9.)
  7. For the Bind Type buttons, select Regular.
  8. In the Username field, enter the LDAP administrator’s name.
  9. In the Password field, enter the LDAP administrator’s password.
  10. Select OK.

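Added example, not from the Fortinet documentation: the GUI settings above as a CLI configuration, first as entered (regular bind over port 389, where the bind account's password and each authenticating user's password cross the network in cleartext), then the LDAPS variant to use in production. It assumes FortiProxy 2.0 accepts the FortiOS `config user ldap` syntax, so verify the options against the FortiProxy CLI reference; the hostname, DN, CA certificate name and bind account are placeholders.

```text
# 1) Minimal configuration matching the GUI steps: regular bind over port 389.
#    Credentials travel in cleartext, so keep this for an isolated lab only.
config user ldap
    edit "corp-ldap"
        set server "ldap.example.com"
        set port 389
        set cnid "sAMAccountName"
        set dn "dc=example,dc=com"
        set type regular
        set username "cn=fortiproxy-bind,ou=Service Accounts,dc=example,dc=com"
        set password "<bind-account-password>"
    next
end

# 2) Hardened variant: same lookup settings, but LDAPS on port 636 with the
#    issuing CA imported on the unit and the server certificate checked against
#    the configured hostname. Use a least-privilege bind account that can only
#    read the user and group attributes the unit needs.
config user ldap
    edit "corp-ldap"
        set server "ldap.example.com"
        set port 636
        set secure ldaps
        set ca-cert "Corp-Issuing-CA"
        set server-identity-check enable
        set cnid "sAMAccountName"
        set dn "dc=example,dc=com"
        set type regular
        set username "cn=fortiproxy-bind,ou=Service Accounts,dc=example,dc=com"
        set password "<bind-account-password>"
    next
end
```
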
To import users for the LDAP server using the GUI:
  1. Go to User & Device > User Definition and select Create New.
  2. On the User Type step, select Remote LDAP User and then select Next.
  3. On the LDAP Server step, select the LDAP server name and then select Next.
  4. On the Remote Users step, right-click on the user name and select Add Selected for each remote user that you want to add.
  5. Select Submit.

After you import the users and user groups, use them in a policy.

NOTE: LDAP authentication supports the HTTP, HTTPS, FTP, and Telnet protocols only.