Help
FortiDeceptor
FortiDeceptor provides Deception-based Breach Protection to deceive, expose and eliminate external and internal threats.
melshehaby
Staff
Staff

Created on ‎11-26-2024 08:10 AM Edited on ‎08-28-2025 09:10 AM By Moderator

Article Id 360100

Technical Tip: Configure LDAP URL and Bind DN in Lure Resources

Description

 

This article describes how to best configure LDAP URL and Bind DN in Lure Resources.

 

Scope

 

ForiDeceptor.

 

Solution

 

To import Lure Resources from the LDAP server, follow the admin guide here.

 

Below is a configuration example without using the full DN, as well as an LDAP URL with the LDAP port.

  • Bind DN: user@domain.lab
  • URL:  ldap://LDAP_IP_or_domain:389/CN=Users,DC=domain,DC=lab?sAMAccountName?sub?(objectClass=user)

 

'CN=Users,DC=domain,DC=lab' is the location of the users to import in FortiDeceptor.

 

Additionally, it is possible to use different parameters instead of 'sAMAccountName', such as 'cn' or 'uuid'.

Screenshot 2025-08-28 150625.jpg

 

Note:

FortiDeceptor will use or display only the user's display name: not 'sAMAccountName' or real usernames. This is by design.

275
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.