Tuesday, 10 June 2014

How-to: Configure a User Group using LDAP filters on a FortiAuthenticator

Recently I've been playing around with a FortiAuthenticator which turns out to have some very cool features. One thing I noticed while configuring my user groups, is that it relies on 'LDAP filters' to define your groups. What I couldn't find was an explanation regarding the format on which to configure these groups.


The administration guide has no information except that you need to use an 'LDAP filter' here... being an LDAP noob I tried to put the CN of my group as per below, but it didn't like it...

CN=fulladmin,OU=Groups,OU=Lab,DC=wglab,DC=com,DC=au


After searching for a while I've found some on-line articles on LDAP search queries and have found the below query to work. This will match all users in the 'Fulladmin' group.

(&(objectCategory=user)(memberOf=CN=fulladmin,OU=Groups,OU=lab,DC=wglab,DC=com,DC=au))


1 comment:

TransUnion said...
This comment has been removed by the author.