Chapter 2 Getting Started : Basic Administration : Administrators : Security Precautions : Configuring LDAP authentication for administrators
  
Configuring LDAP authentication for administrators
Lightweight Directory Access Protocol (LDAP) is an Internet protocol used to maintain authentication data that may include departments, people, groups of people, passwords, email addresses, printers, etc.
If you have configured LDAP support and an administrator is required to authenticate using an LDAP server, the FortiGate unit contacts the LDAP server for authentication. If the LDAP server cannot authenticate the administrator, the FortiGate unit refuses the connection.
If you want to use an LDAP server to authenticate administrators in your VDOM, you must configure the authentication before you create the administrator accounts. To do this you need to:
configure an LDAP server
create an LDAP user group
configure an administrator to authenticate with an LDAP server.
To view the LDAP server list, go to User & Device > Remote > LDAP.
For more information, see “LDAP Admin Access and Authorization”.
See Also
Administrator configuration
Regular (password) authentication for administrators
Management access
RADIUS authentication for administrators
TACACS+ authentication for administrators
PKI certificate authentication for administrators
Administrator profiles
Adding administrators
Monitoring administrators
Trusted hosts
Administrative port settings