FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 191517
This article explains how to allow direct polling (without collector agent) on Windows Domain Controller from FortiGate.

Agentless Polling-mode FSSO
FortiGate 5.0 and above can poll directly Windows Server or Windows Domain Controller for user logon information without using the Collector Agent.

On Windows Server or Windows Domain Controller, press Windows+r to run a program.
Type gpmc.msc and press Enter.

Once gpmc.msc is running:

1) Go to Group Policy Management -> Forest : domain -> Domains -> domain -> Right-click Default Domain Policy and select Edit

2) Go to Group Policy Management Editor -> Computer Configuration -> Policies -> Administrative Template -> Network -> Network Connections -> Windows Firewall -> Domain Profile
Right click Allow inbound remote administration exception and select Edit -> Select Enabled then click Apply and OK