Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ac1
Contributor II

Created on ‎12-09-2021 12:54 AM

FortiADC Form Based authentication

Hi all,

I want to configure a form based auhtentication for MS Exchange OWA. Is it possibile in FortiADC?

If it is not possibile, where is the Fortinet appliance that permit this function? FortiWeb? 

 

Thanks

ac1

#FortiADC #FormBased

Labels:
2931
0 Kudos
4 REPLIES 4
ddsouza_FTNT
Staff
Staff

Created on ‎12-10-2021 08:33 AM Edited on ‎12-10-2021 08:36 AM

Yes, you can configure FortiADC to authenticate OWA users by using the client authentication method as the HTML Form.

I have shared a sample configuration.  In this example, I am using the LAB  Network Environment mentioned below. Unfortunately, I don't have an Exchange server in the lab, but the configuration steps are similar.

ddsouza_FTNT_0-1639153853107.png

 

Add an LDAP server Entry

ddsouza_FTNT_1-1639153865418.png

Add a User Group: Select the Client Authentication Method as ‘HTML form’ and Member as the LDAP server entry (added in the previous step)

ddsouza_FTNT_2-1639153881950.png

 

Create an Authentication Policy and select the User Group added in the previous step.

ddsouza_FTNT_3-1639153897543.png

 

Call the Authentication Policy in the Virtual Server.

ddsouza_FTNT_4-1639153912475.png

 

 

Test Result

Access the website. FADC presents the HTML form to the client.

ddsouza_FTNT_5-1639153935489.png

 

 

If the user credentials are correct, fortiADC forward the request to the webserver.

ddsouza_FTNT_6-1639153950807.pngddsouza_FTNT_7-1639154009961.png

 

2866
ac1
Contributor II
In response to ddsouza_FTNT

Created on ‎12-13-2021 12:44 AM

Hi Denzil,

The function HTML form forward the kerberos auhtentication to the Exchange?

 

Thanks

2844
0 Kudos
ddsouza_FTNT
Staff
Staff
In response to ac1

Created on ‎12-14-2021 05:51 AM

Hi,

You can configure Authentication Relay (User Authentication>Authentication Relay) with Delegation Type set to 'Kerberos" and then call the Authentication Relay in the User Authentication>User Group (used in the Authentication Policy)

 

ddsouza_FTNT_0-1639489629448.png

 

2836
ac1
Contributor II
In response to ddsouza_FTNT

Created on ‎12-14-2021 06:14 AM

Thank you so much Denzil. I appreciate your support.

I will test this solution and I report here the result.

 

ac1

2833
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.