Skip to main content
ergotherego
ergotherego
New Member
November 16, 2016
Question

Support for multiple AD/LDAP domains coming?

  • November 16, 2016
  • 1 reply
  • 6536 views

Will FAC ever support being a member of multiple LDAP/AD domains? I was a bit surprised to find out that it cannot be. I understand that in normal situations a machine cannot be a member of multiple domains, but I figured NAC would be able to.

 

We have a few different internal domains, with large numbers of users, and not being able to do automatic grouping against LDAP OU/CN membership is a pretty big burden.

1 reply

xsilver_FTNT
Staff
xsilver_FTNT
Staff
November 16, 2016

Hi ergotherego,

look into FAC 4.2 What's new - page 7 .. yes, it's been added recently.

http://docs.fortinet.com/uploaded/files/3384/fortiauthenticator-v4.2-release-notes.pdf

Best regards,

Tomas

 

ergotherego
ergotheregoAuthor
New Member
November 16, 2016

Yep appears to be working. I was able to join multiple domains w/o error.

 

I guess I was mis-reading that new feature. The title says:

 

Support multiple domains for non-AD remote LDAP users

 

So I thought it wouldn't work against ActiveDirectory

 

Thanks!

Terms & ConditionsAccessibility statement