FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
frottier
Staff
Staff
Description
When the FortiGate is configured for FSSO local poller (fssod process), it is possible to modify the polling interval to the Domain controller.  The fssod process is responsible for FSSO when the user is not using the agent but when the FortiGate polls event logs by itself.

Solution
CLI can be used to modify the interval in seconds:
#config user fsso-polling
   edit <AD_id_int>
         set polling-frequency       ----> range 1 to 30 seconds
  end

The default value is 10 seconds.

The current interval frequency can be checked using the following command:

#diagnose debug fsso-polling detail
AD Server Status:
ID=1, name(1.2.3.4),ip=1.2.3.4,source(security),users(0)
port=auto username=prod\aa_xxxxx
read log offset=4535534354, latest logon timestamp: Sun Jan 25 10:05:30 2015
polling frequency: every 10 second(s) success(161), fail(0)   ----> interval frequency
LDAP query: success(0), fail(0)
LDAP max group query period(seconds): 0
most recent connection status: connected

Related Articles

Technical Note: Configuration FSSO-Polling User for CLI

Contributors