Active Directory Bind Account Permission

xlloyd · ‎11-06-2015

Hi all,

I was looking through the forum and couldn't find any similar discussion. Please let me know if this has been addressed elsewhere.

I am working with a customer who is very particular when it comes to Active Directory permissions for service accounts. When using Regular binding for LDAP servers (using FSSO in polling mode), what are the minimum permissions I can assign to the bind account for the solution to function properly?

I have tried using regular users before and it didn't work so since then I have always used Domain Admin privileges. Unfortunately this won't fly with these guys.

Thanks!

Xavier

Admin_FTNT · ‎03-28-2018

Hi,

Article is at http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD36039

Regards,

Admin.

View solution in original post

xsilver_FTNT · ‎11-07-2015

Hi, I would recommend to check KB articles , namely start with this one:

Technical Note: Restricting FSSO service account

http://kb.fortinet.com/kb...amp;externalId=FD36039

kind regards,Tomas

Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff

xlloyd · ‎11-09-2015

Thanks so much! I was searching the kb too but apparently I was using the wrong search strings!

xlloyd · ‎11-09-2015

[strike]Actually after reading through, I realised that this is with regards to the Collector Agent. I am doing only Polling Mode. Are the restrictions the same with both methods?[/strike]

EDIT: Sorry just reread it and it had all necessary info. Thanks again!

Gabana · ‎03-28-2018

would you please share your info ?

i dont have access to that KB

Admin_FTNT · ‎03-28-2018

Hi,

Article is at http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD36039

Regards,

Admin.

Active Directory Bind Account Permission

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website