| Description |
This article describes how to configure FortiAuthenticator to use login information from Windows Event Logs using Windows Event Polling. It provides step-by-step instructions on enabling Windows Event Polling on FortiAuthenticator. |
| Scope |
FortiAuthenticator. |
| Solution |
Step 1: First, it is necessary to enable Windows event polling on FortiAuthenticator. Go to Fortinet SSO -> Settings -> Methods -> Enable Windows event log polling and Save.
Step 2: Add the Domain Controller's details. Make sure to use an admin account or a service account that has permission to access the events.
Go to Fortinet SSO -> Methods -> Windows Event Log -> Create new. Note: Make sure that the user account used is a part of the eventlogreader group. This information can be validated by searching the user in AD -> User ('right click') -> Properties -> memberoff.
Note: NetBIOS name can be verified by accessing Active Directory Users and Computers -> 'Right click' on the Domain -> Select Properties as shown below:
NetBIOS name is the entry of the Domain name (pre-Windows 2000):
Step 3: Verify that the previously added DC is connected and is fetching the events. Go to Monitor -> SSO -> Windows Event Log Source. Verify if the DC is connected and pulling the events.
|
