Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rootdet
New Contributor

Admin Authenticatiom from external servers

Hi,

 

I work for an org which prefers to control authentication and provisioning of accounts by AD. However, we have a multi-tier access where some people get super_user, others just standard, etc. some might even be assigned to a specific Adom. all of which would be based on AD group.

 

When reading the documentation, it looks like i can only set the wildcard to one user (tried it practice and more than one causes an auth error). So when i am looking for is maybe switching to radius auth, but i still cannot figure out how to assign permissions dynamically based on the user. there is the " Fortinet-Group-Name " attribute, but not sure how i would use it here since the fortimanager does not have groups.

 

I cannot imagine we are the only one who prefers to do it this way. Otherwise every new staff member would be a huge checklist to go fiddle with each system like the fortimanager.

1 REPLY 1
sw2090
Honored Contributor

hm I set up our FortiManager to do Login either with its local admin (to have some fallback) or with a user in our AD. I tied the login to a specific AD Usergroup. Works smoothly here with FMG and also with FGTs.

 

Here is a Fortinet doc about this: https://pub.kb.fortinet.com/Platform/Publishing/809/FD37328_f.1.html

 

hth

Sebastian

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Labels
Top Kudoed Authors