Description
This article describes how to import users from Active Directory group.
Scope
FortiNAC.
Solution
Use the Select Groups tab to choose groups of users to be included when the directory and database are synchronized.
Users that do not already exist in the database are not imported. However, user data for users already in the database is updated each time the Synchronization task is run. Only the user records for users in the selected groups are updated. Users in the directory that are not in a selected group are ignored during Synchronization.
- To access Group Selections for an existing Directory, navigate to System -> Settings.
- Select the Authentication folder in the tree control.
- Select LDAP to display the Directories window.
- When adding a new Directory, the Select Groups tab is displayed upon selecting Next after completing the Search Branches tab.
- Mark the Groups of users that should be included when the Directory and the database are synchronized by checking the box in the Active column. If no boxes are checked, all Groups will be included.
- A check mark in the Is Organizational Unit column indicates that the group is an OU or a container for other groups. This field cannot be edited.
- Select OK to save the directory configuration.
- An initial Synchronization is done immediately when saving the Directory. It is recommended to set up a schedule for synchronizing the Directory.
