Help
FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
jdelafuente_FTNT
Staff
Staff

Created on ‎10-04-2024 12:03 AM

Article Id 347021

Technical Tip: How to set ignore user list in Fortiauthenticator for SSO

Description

 

This article describes how to configure the ignore user list directly in FortiAuthenticator for FSSO/SSO method. 

 

Scope

 

FortiAuthenticator, FSSO, ignore user list, exempt user in FSSO.

 

Solution

 

One best practice in FSSO is to set up an ignore user list for service accounts.

  1. Import SSO User: access to SSO -> SSO Users -> Import

 

FAC-FSSO-02.png

Select Remote LDAP server, and select OK.

 

FAC-FSSO-03.png

A new window will appear, expand the tree, find and select the users to ignore, then select OK.

 

FAC-FSSO-04.png

 

  1. Configure Ignore user list. Previous selected users will appear as imported, then go to menu: SSO -> General -> Fortinet Single Sign-On (FSSO) -> Maximum concurrent user sessions -> Select (configure Per User/Group).

 

FAC-FSSO-05.png

At the top right in SSO Users mark the users to ignore and then select Exclude from SSO

 

FAC-FSSO-06.png

Choose 'Do not affect current user when excluded user logs in' and select OKNow, those users will appear as excluded from SSO.

 

7FAC-FSSO-07.png

220
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.