We installed FSSO Agent 6.0.4 on Windows Server 2016 Active Directory DC and we are using Fortigate 300D 6.0.4 Firmware.
We have 2 issue first one
1. My some VLAN have problem about fsso. They cant access internet via their AD User. When i check the logs they are going the internet with IP Address. But some VLAN working excellent.
2. On my AD DC i see a lot of really very much error
"DCOM was unable to communicate with the computer X.X.X.X using any of the configured protocols; requested by PID 1be4 (C:\Program Files (x86)\Fortinet\FSAE\collectoragent.exe)."
Do you have any idea?
Thank you guys.
1. for those non-working VLAN there might be simple IP based no-identity policy allowing traffic.
2. workstation check is probably enabled on Collector Agent and that collector is unable to connect to workstations through use of tcp.445 .. tcp.135 + tcp.139 + udp.137 (as fallback ports/methods).
Tomas Stribrny - NASDAQ:FTNT - Fortinet stuff - TAC L3 Escalations engineer
1. I tried source "all" in this policy.
2. I checked client to dc - dc to client tcp 445 + tcp 135 + tcp 139 + udp 137 They can access these ports.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.