Authentication servers

Directory Service servers

For more information about FSAE, see the FSAE Technical Note.

To configure the FortiGate unit for Directory Service authentication - web-based manager

1Go to User > Directory Service and select Create New.

2Enter the following information, and select OK.

Figure 9: Directory Service server configuration

Name

Enter the name of the Directory Service server. This name appears in

 

the list of Directory Service servers when you create user groups.

FSAE Collector IP/Name

Port

Enter the IP address or name of the Directory Service server where this collector agent is installed. The maximum number of characters is 63.

Enter the TCP port used for Directory Service. This must be the same as the FortiGate listening port specified in the FSAE collector agent configuration.

Password Enter the password for the collector agent. This is required only if you configured your FSAE collector agent to require authenticated access.

LDAP Server Select the check box and select an LDAP server to access the Directory Service.

For information about Directory Service user groups, see “Configuring Directory Service user groups”.

To configure the FortiGate unit for Directory Service authentication - CLI

config user fsae edit <server_name>

set ldap-server <ldap_server_name>

set password <password> password2 <password2> password3 <password3> password4 <password4> password5 <password5>

set port <port_number> port2 <port_number2> port3 <port_number3> port4 <port_number4> port5 <port_number5>

set server <domain> server2 <domain2> server3 <domain3> server4 <domain4> server5 <domain5> end

FortiOS v3.0 MR7 User Authentication User Guide

 

01-30007-0347-20080828

29

Page 29
Image 29
Fortinet v3.0 MR7 manual Directory Service server configuration Name, Fsae Collector IP/Name Port