Help
FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
bkarl
Staff
Staff

Created on ‎09-19-2024 10:24 PM Edited on ‎09-20-2024 03:32 AM By Community Manager

Article Id 342330

Technical Tip: LDAP query test failed on FortiMail: 'Unable to find user DN that matches mail address'

Description

This article describes a quick way to confirm communication correctly with an LDAP server.

Scope

FortiMail.
Solution

To perform a test go to Profile -> LDAP -> New.

Fill the information requested (like in this example):

 

Name:LDAP_USer

Server name / IP: 192.168.208.9

Base DN: dc=saitlabtacmx,dc=com

Bind DN: cn=administrator,cn=user,dc=saitlabtacmx,dc=com

Bind password <-- This password must be the same as the LDAP administrator account.

 

On User Query Option menu, choose the schema to perform the Query. In this example 'Active Directory'.

 

fml 2.jpg

 

The test result will fail, displaying the message 'Unable to find user DN that matches mail address'.

Back and on LDAP profile configuration go to 'Advanced Option and change the password schema to Active Directory'.

 

Go to the Active Directory, Users & Computers console, and confirm that the properties of each user's E-mail field are filled out.

 

fml 4.JPG

 

 Go back to FortiMail, go to Test LDAP Query, and perform the test again. The test will now be successful.

 

fml 3.jpg
Labels:
903
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.