#config user domain-controller
edit <name>
set ip-address <dc-ip>
set port <port> - default = 445
set domain-name <dns-name>
set ldap-server <name>
next
end
#config authentication scheme
edit <name>
set method ntlm
set domain-controller <dc-setting>
next
end
#config authentication rule
edit <name>
set srcaddr "all"
set active-auth-method 'ntlm'
next
end
#config authentication setting
set active-auth-scheme <select ntlm scheme>
end
#config system dns
set primary x.x.x.x -> local dns server to resolve domain name
set secondary x.x.x.x
end
Verification:
#diagnose wad user list
ID: 178, IP: 10.120.0.174, VDOM: root
user name : SNDP
duration : 13
auth_type : 1
auth_method : 2
pol_id : 1
g_id : 2
user_based : 0
expire : 593
LAN:
bytes_in=45885 bytes_out=55762
WAN:
bytes_in=49728 bytes_out=40434
auth_method = 2 <-----Means the user has been authenticated with NTLM.
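Added example (not part of the original article and not Fortinet tooling): a Python parser for saved "diagnose wad user list" output that lists sessions whose auth_method is not 2, to confirm every proxy user was authenticated with NTLM. The function names are hypothetical, and the second record in SAMPLE, including its auth_method value of 0, is constructed; this page documents only that 2 means NTLM.

```python
import re

# Constructed sample in the format shown above; the second record is invented.
SAMPLE = """\
ID: 178, IP: 10.120.0.174, VDOM: root
user name : SNDP
auth_type : 1
auth_method : 2
expire : 593
LAN:
bytes_in=45885 bytes_out=55762
WAN:
bytes_in=49728 bytes_out=40434
ID: 179, IP: 10.120.0.175, VDOM: root
user name : TESTUSER
auth_method : 0
expire : 120
"""

NTLM = "2"  # per the article: auth_method 2 = NTLM; other values are not documented here
HEADER = re.compile(r"ID:\s*(\d+),\s*IP:\s*(\S+),\s*VDOM:\s*(\S+)")

def parse_wad_users(text):
    """Split the output into one dict per user record."""
    records, cur, section = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:  # a new record starts at every "ID: ..." header line
            cur = {"id": m.group(1), "ip": m.group(2), "vdom": m.group(3)}
            records.append(cur)
            section = None
        elif cur is None or not line:
            continue
        elif line in ("LAN:", "WAN:"):  # byte counters follow on the next line
            section = line[:-1].lower()
        elif "=" in line and section:
            for k, v in re.findall(r"(\w+)=(\d+)", line):
                cur[f"{section}_{k}"] = int(v)
        elif ":" in line:  # "user name : SNDP" -> {"user_name": "SNDP"}
            key, _, val = line.partition(":")
            cur[key.strip().replace(" ", "_")] = val.strip()
    return records

def non_ntlm(records):
    """Return records whose auth_method is missing or not the NTLM value."""
    return [r for r in records if r.get("auth_method") != NTLM]
```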
Copyright 2023 Fortinet, Inc. All Rights Reserved.