Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
shocko
Contributor

Fortimail and Exchange Hybrid - LDAP Profiles

Using Fortimail 6.4.4 in from of Exchange 2016 hybrid to Exchange Online. We use LDAP profiles on the Fortimail device to lookup targets addresses in Active Directory before forwarding mail into Exchange. This works fine for mailboxes that are either resident in Exchange 2016 or were migrated to Exchange on line over over hybrid connector. This is because these mailboxes are ultimately backed by an Active Directory user account so Fortimail can lookup the SMTP address for that mailbox in Active Directory.

 

Our issue is we are now creating mailboxes directly in Exchange online but ingress mail from the internet is still through Fortimail. When a mail now comes targeted at one of these Exchange online only mailboxes the LDAP profile naturally fails and the mail is rejected.

What option do I have in Fortimail to get past this? 


2 REPLIES 2
xsilver_FTNT
Staff
Staff

Hi @shocko 

Just few ideas ...

 

where do you get Exchange online accounts from?

From something like Azure?

If so then how about ADDS and so LDAP against Azure?

 

If those Exchange online are manual.
Then how about some dummy accounts in your AD just for email routing purpose?

 

 

Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff

shocko

So Exchange Online accounts are backed by AzureAD always. I'm not sure what 'LDAP against Azure' means? Can you elaborate? I guess I could create dummy users on ADDS but seems like a very legacy method of doing this! :)

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors