- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Active Directory authentication does not work
Hello friends, okay? I'm setting up a 60D FGT on a client and is almost ready, what is missing is the navigation out with authentication in Active Directory, I have done the settings following this video
[link]https://www.youtube.com/watch?v=WopByyq1rTI[/link] Unfortunately it did not work, I realized that when creating the rule, which does not have the option of Policy Type and Subtype, where then we can specify the domain user groups, as I did not see this, then put originates from the LAN network and a the field of the groups, but did not work. They can give me guidance? I must go back Thursday on the client and leave the authentication in running Active Directory. I want to create 03 rules, they are:
a. One with Webfilter restricting categories - domain users
b. Another without Webfilter and without App Control - to the Board
c. One with access to social media, videos, etc., but only at lunch - for domain users.
Thanks
Ivanildo Galvão
Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3
- Labels:
-
5.2
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
If I understood correctly, you've done the following:
[ol]But you have a problem because, in the newer versions, FortiOS does not have firewall policy types and subtypes. That's OK. All you need to do is:
[ol]Hope this helps!
NSE 7
All oppinions/statements written here are my own.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Does the account used for querying AD need to be a domain admin or otherwise elevated account? I've performed all the steps using a regular account for AD query. This works as far as use lookups are concerned but the policy I created to test with does not allow access based on AD users or groups.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The account used to query AD for FSSO needs to be a domain or forest admin.
Regards, Chris McMullan Fortinet Ottawa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have the Fortigate SSO Agent installed and it is still not working. I get the logon events in the agent logs but when the user tries to connect to the internet it does not go through the policy I set for that user group.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content