Help
FortiProxy
FortiProxy provides enterprise-class protection against internet-borne threats and Advanced Web Content Caching
darisandy
Staff
Staff

Created on ‎02-27-2023 09:25 PM

Article Id 247424

Technical Tip: NTLM Authentication with Cisco UCS LDAP Server

Description This article describe how to configure LDAP Setting on FortiProxy when integrating with Cisco UCS LDAP Server
Scope FortiProxy v7.0.8.
Solution

Based on the article below, in some cases, it is required to strip a domain string from the UPN to successfully authenticate the user:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Strip-domain-strings-from-a-UPN-in-Kerbero...

 

Using default configuration on Windows LDAP Server may work most of the time, but in cases with Cisco UCS LDAP Server, sometimes it is not working.

 

Try to make this change :

 

# config user ldap
    edit "ldap"
        set account-key-processing strip       <-----
        set account-key-name ""  <-----
    next
end

 

Labels:
237
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.