Description | This article describes how to configure FortiGate to accept admin logons over SAML with LDAP credentials. |
Scope | FortiAuthenticator 6.X. FortiGate 6.2, 6.4, 7.X. |
Solution |
In FortiAuthenticator, follow the steps below:
1) Enable the SAML Identity Provider portal.
4) Download the IdP server certificate highlighted above.
5) Create an SP:
6) Add the following claim, filling in details as necessary:
Follow the steps below in FortiGate:
7) Enable SSO Admin login.
Alternatively, run the following in the CLI (the details provided are examples):
# config system saml
    set status enable
end
10) Log out of FortiGate, refresh the page, select the SSO option and authenticate with LDAP credentials on FortiAuthenticator (IdP):
11) Log in to the firewall as an SSO admin. If the steps were successfully completed, this will succeed.
|
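The CLI alternative above, written out as a full service-provider configuration. This is an added example, not taken from the original article. Every hostname, the `PREFIX` URL segment, the profile name and the certificate name are constructed placeholders; replace them with the values shown on the FortiAuthenticator SP page and the name the imported IdP certificate received on FortiGate. The `#` lines are annotations for the reader, not part of the commands.

```fortios
# Added example; all values below are constructed placeholders.
config system saml
    set status enable
    set role service-provider
    # Keep the normal login page so the local admin login stays available.
    set default-login-page normal
    # Profile assigned to SSO admin accounts; placeholder name for a restricted profile.
    set default-profile "sso_restricted_profile"
    # Address of this FortiGate as the admin's browser reaches it.
    set server-address "fgt.example.com"
    # IdP values copied from FortiAuthenticator.
    set idp-entity-id "http://fac.example.com/saml-idp/PREFIX/metadata/"
    set idp-single-sign-on-url "https://fac.example.com/saml-idp/PREFIX/login/"
    set idp-single-logout-url "https://fac.example.com/saml-idp/PREFIX/logout/"
    # Name under which the IdP certificate downloaded in step 4 was imported.
    set idp-cert "REMOTE_Cert_1"
end
```

With `default-login-page` left at `normal`, the login page offers both the local login and the SSO option selected in step 10.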