Support Forum
zee
New Contributor

Active Directory (LDAP)'s user names and Fortinet firewall.

Hi all,

Please consider the following example:

FW----------Domain Controller (AD)

Above, FW is a Fortinet firewall.

Active Directory contains 100-plus user names/passwords.

All 100 users should be able to log in to the FW using Active Directory credentials.

We noticed the following:

The FW needs to be manually configured with all 100 user names; the FW will not query AD if it does not have the user name configured on it.

Is there any way I can do the following?

FW does need to be configured with Active Directory user names; FW simply queries AD for user authentication.

Thanks and have a nice weekend!!
2 REPLIES
hubertzw
Contributor III

ede_pfau
Esteemed Contributor III

You NEVER need local users to be able to authenticate them on MS-AD/LDAP. (They may be convenient as backups, if the LDAP is not reachable).

FSSO is the way to go, either with an agent on the DC or in polling mode (which is more load on the DC but might work for 100 users).


Ede

"Kernel panic: Aiee, killing interrupt handler!"