- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
LDAP Query
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, we verified it OK on 5.6.1 release.
- « Previous
-
- 1
- 2
- Next »
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hzhao_FTNT wrote:could you try: Group equal to "ABC-XY-Information Technology"
By design, when there is a space, we have to use double quotation in filter.
I hadn't thought to do that, so I've tried it now. However I'm unable to type double quotation within that field. I can type all other "special characters", but not the double quotation mark. I can't even paste a double quotation into the field. Weird. I've tried with both Chrome and IE11.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You are right, I can not input double quotation either. I will check with dev team to see if it is a bug or new design.
Thanks,
hz
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Confirmed from GUI team. It is a new feature that we do not allow user to input double quotation. When user input space, double quotation will be added automatically. We do have issue for query group name contains space, it will return (false) in back end. I will open a bug for it.
Thanks,
hz
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I want to create a FortiAnalyzer report where user belongs to a particular group or organizational unit.
LDAP Query option in report filter is still working for this purpose in 5.6.1 ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, we verified it OK on 5.6.1 release.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks.
There's a step by step guide to get it working?
I tried using GUI and CLI as mentioned in this thread but filter don't work.
I can't filter reports based on LDAP OU.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there, if you followed steps in above threads but ldap filter still doesn't work, please open a support ticket in FortiCare.
Regards,
hz
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I have a request from the customer to search for the users in LDAP and create a report according to the group membership which is exatly what is described above.
My problem is that we have KERBEROS authentication when the username in the logs looks like this: username@DOMAIN.COM
Probably that is the problem as the LDAP query returns the results such as: CN=user,OU=test,DC=domain,DC=com
The CN is returned as a result but not the UPN (userPrincipalName) - the UPN should help maybe?
Is there a solution to get it work with KERBEROS authenticated users?
AtiT
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi AtiT,
I don't have environment for LDAP with KERBEROS, maybe you can modify your ldap server setting on FAZ with UPN and give it a try:
config sys admin ldap
ed <ldap-server>
set cnid userPrincipalName
set attributes member,userPrincipalName
end
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your reply, unfortunatelly it does not work.
AtiT
- « Previous
-
- 1
- 2
- Next »