enry
New Member
November 29, 2016
Solved

LDAP Administration in Global section


Hi! I'm using FG600D Firmware Version 5.2.9 and using VDOMs.

According to this KB, this can be achieved by creating an LDAP server and then configuring the administrator, putting the LDAP server and the administrator in the same group.

It seems that the LDAP server cannot be configured in the global section; this can only be done in VDOMs. Is this correct? Is there any way to authenticate global administrators against an LDAP server?

Many thanks in advance

Enrico

Best answer by xsilver_FTNT


xsilver_FTNT
Staff
November 30, 2016

Hi,

Just a guess that you are referring to a KB like this one: http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD32933

1. Any remote server like LDAP can be configured only in a VDOM, not in global.

2. However, that VDOM-specific one can be used. Do so in the management VDOM.

3. Which is the management VDOM? The "root", if not changed or specific HW. Find it via:

    config global
    show full system global | grep management

4. So make the LDAP and group in the management VDOM, then set vdom in that LDAP-based admin to that management one and use the group from that VDOM.

Best regards,

Tomas
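
The four steps above written out as FortiOS CLI, assuming the management VDOM is "root". This is an added example, not part of the original reply or the Fortinet KB; the server address, DNs, certificate name, group name and admin name are constructed placeholders, and the bind password is left as a placeholder.

```fortios
# Added example. All names, addresses and DNs are placeholders.
config vdom
    edit root
        # Steps 1-2: the LDAP server object lives in the management VDOM.
        # LDAPS keeps administrator credentials off cleartext LDAP.
        config user ldap
            edit "corp-ldap"
                set server "192.0.2.10"
                set secure ldaps
                set port 636
                set ca-cert "<imported-CA-cert-name>"
                set cnid "sAMAccountName"
                set dn "dc=example,dc=com"
                set type regular
                set username "cn=svc-fgt,ou=service,dc=example,dc=com"
                set password <bind-password>
            next
        end
        # Step 4: a user group in the same VDOM, restricted to one
        # directory group so not every LDAP user can log in as admin.
        config user group
            edit "fw-admins"
                set member "corp-ldap"
                config match
                    edit 1
                        set server-name "corp-ldap"
                        set group-name "cn=fw-admins,ou=groups,dc=example,dc=com"
                    next
                end
            next
        end
    end
# Step 4, continued: the administrator is defined in global, points at
# the management VDOM and takes its remote group from that VDOM.
config global
    config system admin
        edit "jdoe"
            set remote-auth enable
            set accprofile "super_admin"
            set vdom "root"
            set remote-group "fw-admins"
        next
    end
end
```

The `config match` entry is what limits administrative login to members of one directory group; without a group match, any account that can bind against the LDAP server object satisfies the group.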

enry
Author
New Member
November 30, 2016

Thank you very much for the hint, Tomas. I forgot to put the link to the KB, but that one is exactly the one I was referring to. I will follow the procedure, configuring the LDAP server in my management VDOM.

Best Regards,

Enrico