1. To configure the Remote LDAP Server:

• Go to User -> Remote Server -> LDAP Server and select 'Create New'.

• Complete with LDAP information: Remote LDAP IP, LDAP port, Domain, Administrator user information
• Use any User with an Admin Domain Profile:

2. Configure via FortiWeb CLI:

config user ldap-user
    edit "LDAP" <----- Any LDAP name.
        set server 172.16.16.100 <----- LDAP Server.
        set common-name-id sAMAccountName
        set distinguished-name dc=tac,dc=local <----- Domain.
        set bind-type regular
        set username "TAC\\Administrator" <----- Domain user Administrator.
        set password <your_ldap_admin_password>
    next
end

3. To do a PCAP Capture:

• Go to Network -> Packet Capture and select 'Create New':

• Interface: Any.
• Filter: host 172.16.16.100 <----- LDAP Sever.

• Select: 'Not Running' to start capture:

4. While capture is running:

• Go to User -> Remote Server and select 'LDAP Server'.
• Select: Test LDAP.
• Configure 'username' and 'user password' to test the connection to LDAP.
• Select: 'OK'.

5.  Later to Stop PCAP Capture:

• Go to Network -> Packet Capture.
• Select: Stop Capturing.
• Donwload the PCAP Capture.

6. Use Wireshark to filter user connection and to check what is happening with the Test User connection. In this example, the connection was 'succesfully' so in Wireshark, this log appears:

To know about FortiWeb network sniffer captures refer to:

Packet capture

network sniffer

To know about LDAP options refer to:

Introduction

user ldap-user