Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Oskar
New Contributor II

How integrate AD with forticlient CLOUD EMS

How integrate AD with FortiClient CLOUD EMS

9 REPLIES 9
btan
Staff
Staff

Hi Oksar,

 

The procedure should be the same as on-prem EMS:
https://docs.fortinet.com/document/forticlient/7.0.6/ems-administration-guide/123277/adding-endpoint...

Regards,
Bon
Oskar
New Contributor II

emmm... So what? I need open port from the internet to my AD servers?

So how can i do this safely? bcs open port to AD servers is not very secure options.

btan

You have to indeed open port to at least your EMS Cloud server public IP.
You can locate your EMS public IP in the about tab at the bottom left when you login to EMS Cloud.

Regards,
Bon
Oskar
New Contributor II

Still not very safe if someone spoof ip adress.

minusnine

Did you ever get this implemented? I don't understand which IP to use on the EMS Cloud config to see the internal AD Server? I've found my public address for EMS Cloud to allowlist to the internal AD server - but how would EMS Cloud know how to route to the internal address of the AD Server?

DanielSan

Well, first you have to open ports for LDAP(s) on some your public IP, and instead of opening it to all (internet), you will use as source IP your Public IP of FortiClient EMS Cloud. 

mhaneke
Contributor

Opening Ports to LDAPs or much worse to Windows AD servers on Your firewall is insecure!

 

To end all that bad guessing. There is an ADConnector. See FortiDocs here: https://docs.fortinet.com/document/forticlient/7.2.2/ems-administration-guide/787816/ad-connector

 

best regards
Martin
best regardsMartin
smalls
New Contributor

That appears to be for On-prem EMS. Is there an option for cloud EMS?

btan

Hi @smalls ,

 

AD Connector can be setup for EMS Cloud as well. In fact the purpose for AD Connector is usually for EMS Cloud, but it is still very niche usage, since it increases management overhead (you will have to upgrade Connector version when EMS version is upgraded).

Regards,
Bon
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors