Using FSAE on your network

Configuring FSAE on FortiGate units

Viewing information imported from the Windows AD server

You can view the domain and group information that the FortiGate unit receives from the AD Server. Go to User > Windows AD.

Figure 3: List of groups from Active Directory server

Edit

Delete Refresh

AD Server

Domain

Groups

Create New

Add a new Windows AD server.

Name

 

AD Server

The name defined for the Windows AD server.

Domain

Domain name imported from the Windows AD server.

Groups

The group names imported from the Windows AD server.

FSAE Collector IP

The IP address of the Windows AD server

Delete icon

Delete this Windows AD server definition.

Edit icon

Edit this Windows AD server definition.

Refresh icon

Get user group information from the Windows AD server.

Creating user groups

You cannot use Active Directory groups directly in FortiGate firewall policies. You must add Active Directory groups to FortiGate user groups.

An Active Directory group should be belong to only one FortiGate user group. If you assign it to multiple FortiGate user groups, the FortiGate unit recognizes only the last user group assignment.

To create a user group for FSAE authentication

1Go to User > User Group.

2Select Create New.

The New User Group dialog box opens.

Fortinet Server Authentication Extension Version 1.5 Technical Note

 

01-30005-0373-20071001

15

Page 15
Image 15
Fortinet FSAE manual Viewing information imported from the Windows AD server, Creating user groups