Configuring FSAE on Windows AD | Using FSAE on your network |
To configure the FSAE collector agent
1From the Start menu select Programs > Fortinet >
Fortinet Server Authentication Extension > Configure FSAE.
2Enter the following information and then select Save and Close.
Monitoring user logon events Enable to automatically authenticate users as they
log on to the Windows domain.
Support NTLM authentication | Enable to facilitate logon of users who are connected |
| to a domain that does not have the DC Agent |
| installed. |
Domain controller monitored | Select the domain controllers that you want to monitor |
| for users logging on. |
Global User Ignore List | Exclude users such as system accounts that do not |
| authenticate to any FortiGate unit. See “Configuring |
| the Global Ignore List” on page 11. |
FortiGate Group Filter | Configure group filtering for each FortiGate unit. See |
| “Configuring FortiGate group filters” on page 11. |
Sync Configuration | Copy this collector agent's Global Ignore List and |
| Group Filters to the other collector agents to |
| synchronize the configuration. You are asked to |
| confirm synchronization for each collector agent. |
Listening ports | You can change port numbers if necessary. |
FortiGate | TCP port for FortiGate units. Default 8000. |
DC Agent | UDP port that DC Agents use. Default 8002. |
Logging |
|
Log level | Select the minimum severity level of logged |
| messages. |
Log file size limit Authentication
Require authenticated connection from FortiGate
Enter the maximum size for the log file in MB.
Select to require the FortiGate unit to authenticate before connecting to the Collector Agent.
Fortinet Server Authentication Extension Version 1.5 Technical Note
10 |
|