Fortigate 80F 6.4.10 single domain / 3 subnets / one DC per subnet.
We have Security Fabric / External Connectors / AD Connector set up with 3 AD connectors, one for each DC.
I see that there are Connector Objects for each AD Connector - we have made the all the same. So, that's a lot of connector objects it might seem.
We want to have redundancy, thus 3 DCs. So, it seems consistent for each AD connector to have all the Connector Objects.
Is that good practice? Or should only one AD Connector be populated with Connector Objects?
Also, we have added each and every AD User and we have added an AD Group with all the same users.
This seems appropriate. Is it?
In one AD Connector, we are unable to add those AD Groups - get an error that there are too many.....
Thus this question.