

This article provides steps to configure the LDAP server in FortiGate and how to map LDAP users/groups to firewall policies. End users will then see a firewall pop-up in the browser asking them to authenticate before they can use the service.

Note that such a policy will also not allow DNS queries if the user is not authenticated. End users must have some way of resolving the destination address that would match this policy. If DNS does not work, the users will not be able to authenticate, as the HTTP connection to the destination cannot be made.

To configure the FortiGate unit for LDAP authentication – Using GUI:
1) Go to User & Device -> Authentication -> LDAP Servers and select Create New.
3) In Server Name/IP enter the server's FQDN or IP address.
4) If necessary, change the Server Port number. The default is port 389. Note that plain LDAP on port 389 carries the bind credentials and user passwords in cleartext; where the server supports it, enable a secure connection (LDAPS on port 636, or STARTTLS).
5) Enter the Common Name Identifier (20 characters maximum). cn is the default, and most customers will use sAMAccountName.

CN stands for Common Name, which is an attribute name in LDAP. sAMAccountName is another LDAP attribute; on a Windows LDAP server (Active Directory) it holds the user's logon name, which is why it is normally chosen as the Common Name Identifier.
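The same configuration entered from the FortiOS CLI, together with the user group and firewall policies it is mapped to, as an added example that is not part of the original article. The server name, addresses, base DN, bind account, interface names and policy IDs are assumptions for illustration. The separate DNS policy is one way of satisfying the note above: it lets unauthenticated users resolve names so that the HTTP connection that triggers the authentication pop-up can be made. Lines beginning with # are annotations and should be removed before pasting into the CLI.

```text
# Added example, not from the original article; all names and addresses are assumed.
# LDAP server: GUI steps 1, 3, 4 and 5. sAMAccountName is the Common Name Identifier.
config user ldap
    edit "LDAP-DC01"
        set server "192.0.2.10"
        set port 389
        set cnid "sAMAccountName"
        set dn "dc=example,dc=com"
        set type regular
        set username "cn=svc-fortigate,cn=users,dc=example,dc=com"
        set password "<bind-password>"
    next
end

# Local user group whose members are resolved through the LDAP server above.
config user group
    edit "LDAP-Users"
        set member "LDAP-DC01"
    next
end

# Policy 10 permits DNS without authentication so clients can resolve the destination.
# Policy 11 requires LDAP group membership and produces the browser authentication pop-up.
config firewall policy
    edit 10
        set name "DNS-no-auth"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "DNS"
        set nat enable
    next
    edit 11
        set name "Web-LDAP-auth"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "HTTP" "HTTPS"
        set groups "LDAP-Users"
        set nat enable
    next
end
```

Policies are matched top-down in the order they appear in the policy table, not by ID, so the DNS policy must sit above the authenticating policy. For a server that supports LDAPS, replace `set port 389` with `set port 636` and add `set secure ldaps` to the LDAP server entry so that the bind password and user credentials are not sent in cleartext. Before attaching the group to a policy, the server entry can be checked from the CLI with `diagnose test authserver ldap LDAP-DC01 <username> <password>`, which reports whether the bind and user lookup succeed.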
