Technical Note: Modify the FSSO polling interval frequency in FortiGate when FSSO is configured as FSSO polling mode
Description
Solution
When the FortiGate is configured for FSSO local poller (fssod process), it is possible to modify the polling interval to the Domain controller. The fssod process is responsible for FSSO when the user is not using the agent but when the FortiGate polls event logs by itself.
Solution
CLI can be used to modify the interval in seconds:
The default value is 10 seconds.
The current interval frequency can be checked using the following command:
#config user fsso-polling
edit <AD_id_int>
set polling-frequency----> range 1 to 30 seconds end
The default value is 10 seconds.
The current interval frequency can be checked using the following command:
#diagnose debug fsso-polling detail AD Server Status: ID=1, name(1.2.3.4),ip=1.2.3.4,source(security),users(0) port=auto username=prod\aa_xxxxx read log offset=4535534354, latest logon timestamp: Sun Jan 25 10:05:30 2015 polling frequency: every 10 second(s) success(161), fail(0) ----> interval frequency LDAP query: success(0), fail(0) LDAP max group query period(seconds): 0 most recent connection status: connected
Related Articles