Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
btan
Staff
Staff

Created on ‎01-16-2024 01:19 AM Edited on ‎12-12-2024 03:53 AM By Community Manager

Article Id 294318

Technical Tip: FortiClient EMS cannot match Deployment policy when endpoint belongs to 2 Azure AD groups

Description This article describes that FortiClient EMS cannot match the Deployment Policy when the endpoint belongs to 2 AD groups.
Scope

FortiClient.
Solution

Starting from EMS v7.2.1, vEMS can integrate with Azure AD (aka Microsoft Intra ID) and import endpoint devices from it.

However, up to the latest EMS v7.2.4, EMS will not match an endpoint with 2 Azure AD groups to any Deployment Policy.


when-2-AD-groupswhen-2-AD-groups

 

policy-wont-matchpolicy-wont-match

 

This is fixed in FortiClient EMS v7.2.5 and above.
Labels:
405
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.