Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
vincenzo
New Contributor II

Fortideceptor sso attibutes

Hi All,

I'm configuring sso authentication on Fortideceptor 5.3 and Azure administrators told me to use NameID as attribute.

In Fortideceptor user guide is specified user.userprincipalname as attibute. Is mandatory to use these attribute?

Thank you

 

2 REPLIES 2
ozkanaltas
Valued Contributor III

Hello @vincenzo ,

 

It depends on your Azure AD configuration. If your AD admin says you need to use NameID you can use that value while configuring Fortideceptor sso. 

 

IdP (AzureAD) will send the username information with this attribute. When you enter this attribute on FortiDeceptor, FortiDeceptor understands this as a username. 

 

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
vincenzo
New Contributor II

Hi Ozkanaltas,

in effect we are using NameID,  but when i try to login I receive a generic error "Error happened while using SAML login. Please try another login method" in log that can't help me to understand where is the error.

 

I trace the Saml response and I have the confirm that we use NameID.

Reading the admin guide I had a doubt, how does it associate the user login via saml with administrator profile?

 

Thank you

 

Vincenzo Stolfi

 

 

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors