|
|
Using FSAE on your network | Configuring FSAE on FortiGate units |
Viewing information imported from the Windows AD server
You can view the domain and group information that the FortiGate unit receives from the AD Server. Go to User > Windows AD.
Figure 3: List of groups from Active Directory server
Edit
Delete Refresh
AD Server
Domain
Groups
Create New | Add a new Windows AD server. |
Name |
|
AD Server | The name defined for the Windows AD server. |
Domain | Domain name imported from the Windows AD server. |
Groups | The group names imported from the Windows AD server. |
FSAE Collector IP | The IP address of the Windows AD server |
Delete icon | Delete this Windows AD server definition. |
Edit icon | Edit this Windows AD server definition. |
Refresh icon | Get user group information from the Windows AD server. |
Creating user groups
You cannot use Active Directory groups directly in FortiGate firewall policies. You must add Active Directory groups to FortiGate user groups.
An Active Directory group should be belong to only one FortiGate user group. If you assign it to multiple FortiGate user groups, the FortiGate unit recognizes only the last user group assignment.
To create a user group for FSAE authentication
1Go to User > User Group.
2Select Create New.
The New User Group dialog box opens.
Fortinet Server Authentication Extension Version 1.5 Technical Note |
|
15 |