FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
Article Id 195147



This article explains how to apply a Group Filter to  LDAP Remote Authentication to limit admin login access to FortiAnalyzer or FortiManager to members of specific AD groups.



Expectations, Requirements



Only users who are members of AD groups defined in the group filter can get admin access to Forti
Users from other AD group do not get access



1. Active Directory configuration
AD groups and users

‘TestGroup1’ has member ‘group1user’
‘TestGroup2’ has member ‘group2user’

2. FortiAnalyzer/FortiManager configuration of LDAP server with group filter
For group filter, we need to put DN value of group
DN of 'testgroup1'- "cn=testgroup1,dc=mydomain01,dc=local"




- Login with ‘group1user’ succeeds



Login with ‘group2user’ fails


To troubleshoot:


# diagnose debug application auth 25
# diagnose debug enabl