Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.

Fortimail and Exchange Hybrid - LDAP Profiles

Using Fortimail 6.4.4 in from of Exchange 2016 hybrid to Exchange Online. We use LDAP profiles on the Fortimail device to lookup targets addresses in Active Directory before forwarding mail into Exchange. This works fine for mailboxes that are either resident in Exchange 2016 or were migrated to Exchange on line over over hybrid connector. This is because these mailboxes are ultimately backed by an Active Directory user account so Fortimail can lookup the SMTP address for that mailbox in Active Directory.


Our issue is we are now creating mailboxes directly in Exchange online but ingress mail from the internet is still through Fortimail. When a mail now comes targeted at one of these Exchange online only mailboxes the LDAP profile naturally fails and the mail is rejected.

What option do I have in Fortimail to get past this? 


Hi @shocko 

Just few ideas ...


where do you get Exchange online accounts from?

From something like Azure?

If so then how about ADDS and so LDAP against Azure?


If those Exchange online are manual.
Then how about some dummy accounts in your AD just for email routing purpose?



Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff


So Exchange Online accounts are backed by AzureAD always. I'm not sure what 'LDAP against Azure' means? Can you elaborate? I guess I could create dummy users on ADDS but seems like a very legacy method of doing this! :)


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors