Genel, Güvenlik
Fortigate LDAP Authentication

Fortigate LDAP Authentication

Merhaba arkadaşlar,

Bugün Fortigate 5.47 build de LDAP Authentication nasıl yapılır onu anlatacağım. Adımları kısa tutup detaylara ağırlık vereğim.

Menü den User & Device > LDAP Servers tabına geliyoruz. Ve Create New diyerek üstteki ekrana ulaşıyoruz. Bu ekranı alttaki gibi dolduruyorum.

Şimdi burada gördüğünüz gibi bilgilerimizi doldurduk. Burada önemli olan tek nokta Common Name İdentifier I değiştirmemiz. Default ta CN geliyor biz ad deki kullanıcı adımızı alması için değeri görseldeki gibi değiştirdik. Ok diyip kaydediyoruz.

Tüm ayarları kaydettikten sonra görebiliyoruz. Ve şimdi LDAP tan bir kullanıcı oluşturuyoruz.

LDAP User I seçiyoruz.

Choose Existing diyip oluşturduğumuz LDAP Server I seçiyoruz. Create New diyerek yeni bir ldap server eklersiniz.

Gördüğünüz gibi test kullanıcımız burda. Üzerine 1 kere tıklayıp Add Selected diyoruz ve Create dediğimiz anda kullanıcımız oluşuyor.

Buraya kadar değineceğim bir detay yoktu, şimdi test edeceğiz ama test için logout olup ban yiyene kadar denemeyeceğiz J

diagnose test authserver ldap deneme test Aa123456

Komutta sarı ile işaretlediğimiz alanlar sırasıyla kurduğumuz LDAP Server Name – SAM – Password

Bunlardan öncesi zaten ana komutları olduğu için TAB yaparak da getirebilirsiniz.

NOT : LDAP dan gelen kullanıcıları admin olarak ekleyemezsiniz.

Share this Story

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

The Hacker News

  • New PowerDrop Malware Targeting U.S. Aerospace Industry
    by [email protected] (The Hacker News) on 7 Haziran 2023 at 04:40

    An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. "PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption," according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023. "The name is derived from the tool,

  • New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency
    by [email protected] (The Hacker News) on 6 Haziran 2023 at 18:21

    A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of siphoning cryptocurrency using a rogue extension for Chromium-based browsers. "The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim's account by performing web injections into targeted cryptocurrency websites," Kaspersky

  • Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices
    by [email protected] (The Hacker News) on 6 Haziran 2023 at 13:17

    Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular applications to serve unwanted ads to users as part of a campaign ongoing since October 2022. "The campaign is designed to aggressively push adware to Android devices with the purpose to drive revenue," Bitdefender said in a technical report shared with The Hacker News. "However, the threat

  • 5 Reasons Why IT Security Tools Don't Work For OT
    by [email protected] (The Hacker News) on 6 Haziran 2023 at 11:44

    Attacks on critical infrastructure and other OT systems are on the rise as digital transformation and OT/IT convergence continue to accelerate. Water treatment facilities, energy providers, factories, and chemical plants — the infrastructure that undergirds our daily lives could all be at risk. Disrupting or manipulating OT systems stands to pose real physical harm to citizens, environments, and

  • Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!
    by [email protected] (The Hacker News) on 6 Haziran 2023 at 10:21

    Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023. "Type