Hi, got the following situation:
Our FortiGate is connected to our AD. The users have corresponding groups on the AD and can sign in to the corresponding FortiClient connections. The users are NOT defined on the FortiGate, not as local and not as LDAP.
Now we would like to make them use 2FA in the FortiClient via e-mail, so without using FortiTokens, FortiAuthenticator or similar.
Is there any way to do this without having to create users on the FortiGate?
We are talking of at least 300 users, I'd say. Possibly even more.
Thanks for the help in advance!
Solved! Go to Solution.
Hi @Florian12
Unfortunately this cant be possible the user database need to be present on FGT otherwise FGT cannot validate if the user has second factor authentication like FortiToken or email .
Hi @Florian12
Unfortunately this cant be possible the user database need to be present on FGT otherwise FGT cannot validate if the user has second factor authentication like FortiToken or email .
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.