FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
scitlak
Staff
Article Id 344524
Description This article describes how to configure FortiNAC to use LDAP nested security groups.
Scope FortiNAC, FortiNAC-F.
Solution
  1. Configure Nested Groups in LDAP and assign one LDAP user as a member of a subgroup.



  2. Under System -> Settings -> Authentication -> LDAP, select both groups and sync the directory.



  3. After the directory sync, both groups appear under the Group menu, with the subgroup nested under its parent group.


  4. When the test 1 user logs on to a host, the host becomes a member of the NAC-Test group and, as a consequence, of its parent group.


  5. When a User Host Profile is configured with the parent group as its criteria, the host will match the User Host Profile.


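The steps above mean that a profile keyed on the parent group also applies to every user in its subgroups. The following is an added example, not FortiNAC code and not part of the original article, that computes effective membership over a small constructed directory so the scope of such a profile can be reviewed before it is bound to the parent group. Assumptions: the group name NAC-Parent, the user bob, the DNs and all function names are hypothetical; only NAC-Test and the test 1 user come from the article.

```python
# Added example: effective (nested) LDAP group membership for profile scoping.
# Constructed sample data. "NAC-Test" and "test 1" are from the article;
# "NAC-Parent", "bob" and all DNs are hypothetical placeholders.
PARENT = "cn=NAC-Parent,ou=groups,dc=example,dc=com"
CHILD = "cn=NAC-Test,ou=groups,dc=example,dc=com"
TEST1 = "cn=test 1,ou=users,dc=example,dc=com"
BOB = "cn=bob,ou=users,dc=example,dc=com"

# Group DN -> direct members (user DNs or nested group DNs).
DIRECTORY = {
    PARENT: [CHILD, BOB],
    CHILD: [TEST1],
}


def effective_members(group_dn, directory):
    """Return every user DN in group_dn, directly or through subgroups."""
    users, seen, stack = set(), set(), [group_dn]
    while stack:
        current = stack.pop()
        if current in seen:  # nested groups can reference each other in a loop
            continue
        seen.add(current)
        for member in directory.get(current, []):
            if member in directory:  # member is itself a group: descend
                stack.append(member)
            else:
                users.add(member)
    return users


def effective_groups(user_dn, directory):
    """Return every group the user belongs to, directly or via nesting."""
    return {g for g in directory if user_dn in effective_members(g, directory)}


def matches_profile(user_dn, criteria_group_dn, directory):
    """Assumed matching rule: the profile's group is in the user's effective groups."""
    return criteria_group_dn in effective_groups(user_dn, directory)


if __name__ == "__main__":
    for user in (TEST1, BOB):
        print(user, "->", sorted(effective_groups(user, DIRECTORY)))
    print("test 1 matches parent-group profile:",
          matches_profile(TEST1, PARENT, DIRECTORY))
```

A profile keyed on NAC-Test covers only test 1, while one keyed on the parent group covers both users, which is the scope difference to check when choosing the criteria group.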