Description
This article describes the changes required to configure FortiMail LDAP profile to support Group Query against a Windows Active Directory LDAP server.
For assistance with configuring a LDAP profile Bind Options please refer to article FD38767.
Scope
This has been tested against Windows Server 2008 R2, and Windows Server 2012 R2.
Solution
Section A - Configure the LDAP Profile:
This article describes the changes required to configure FortiMail LDAP profile to support Group Query against a Windows Active Directory LDAP server.
For assistance with configuring a LDAP profile Bind Options please refer to article FD38767.
Scope
This has been tested against Windows Server 2008 R2, and Windows Server 2012 R2.
Solution
Section A - Configure the LDAP Profile:
1) Refer to FD38767 for complete steps on how to setup the Default Bind Options and User Query Options for Windows Active Directory.2) Configure the Group Query Options.
3) Test the configuration. Click on [Test LDAP Query...].
- Group membership attribute - For Windows Active Directory this is memberOf.
- Select Use group name with base DN as group DN
- Group base DN - Enter the DN of the Group Container in your Active Directory. In this example, the Groups are all configured in the User container.
- Group name attribute: For Windows Active Directory this is CN
- Also ensure the check mark beside Group Query Options is selected.
- Save the configuration. Scroll down to the bottom of the page and click Apply.