Ldap_profile profile group, Syntax, History – Fortinet FortiMail 3.0 MR4 User Manual
Page 194: Related topics, Set ldap_profile profile group
FortiMail™ Secure Messaging Platform Version 3.0 MR4 CLI Reference
194
06-30004-0420-20080814
ldap_profile profile group
set
ldap_profile profile group
Use these commands to configure an LDAP group query.
Syntax
set ldap_profile profile <name_str> group groupstate {enable | disable}
set ldap_profile profile <name_str> group groupstate {enable | disable}
virtual {enable | disable} memberofattribute <attr_str> relativename
{enable | disable} basedn <basedn_str> groupnameattribute <grp_str>
History
Related topics
•
set ldap_profile clearallcache
•
•
set ldap_profile profile clearcache
•
•
set ldap_profile profile routing
•
set ldap_profile profile server
•
•
Keywords and Variables
Description
Default
<name_str>
Enter the name of the LDAP profile.
groupstate {enable | disable}
Enable or disable group LDAP queries.
disable
virtual {enable | disable}
Enable this option to specify any LDAP tree node. Any node
that falls under the specified tree node will be considered a
member of the group. Since the specified node isn’t defined
as a group in the LDAP database, the FortiMail unit sees it
as a sort of ‘virtual group.’
disable
membershipattribute
<attr_str>
Enter the user attribute that defines the groups the user
belongs to. For example, this attribute is memberOf for
Active Directory servers.
relativename {enable |
disable}
With the appropriate information entered, the admin need
only enter the LDAP group name when creating a recipient-
based policy, for example. If this option is disabled, the
group name attribute, group name, and group base DN must
be specified in the policy.
disable
basedn <basedn_str>
Enter the group base DN if relativename is enabled.
groupnameattribute <grp_str>
Enter the group name attribute if relativename is
enabled.
FortiMail v3.0 MR3 New.