Technical Tip: Configure LDAP URL and Bind DN in Lure Resources

Description

This article describes how to best configure LDAP URL and Bind DN in Lure Resources.

Scope

ForiDeceptor.

Solution

To import Lure Resources from the LDAP server, follow the admin guide: Lure Resources.

Below is a configuration example without using the full DN, as well as an LDAP URL with the LDAP port.

• Bind DN: user@domain.lab
  'Or the user DN can be used. Ex. : CN=user,CN=Users,DC=domain,DC=lab'.
• URL:  ldap://LDAP_IP_or_domain:389/CN=Users,DC=domain,DC=lab?sAMAccountName?sub?(objectClass=user).

'CN=Users,DC=domain,DC=lab' is the location of the users to import into FortiDeceptor.

Additionally, it is possible to use different parameters instead of 'sAMAccountName', such as 'cn' or 'uuid'.

Note:

FortiDeceptor will use or display only the user's display name: not 'sAMAccountName' or real usernames. This is by design.