Hello,
I am in the process of starting a project that will need to evaluate the integration of fortigate, fortiauthenticator, AD and azure AD.
Specifically I wanted to if you had any experience and ask if it is possible to do the following:
- ssl-vpn access via Azure MFA authentication (seen some DOCs and it is feasible)
- replacement of LDAP synchronization currently used in Fortiauthenticator with AzureAD (can be used both AD and Azure AD in parallel?)
- replacement of the FSSO (LDAP-based) functionality currently used in the Fortigate with the AzureAD-based FFSO functionality
- possible coexistence of the different authentication mechanisms
Thank you
Regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Maerre,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello @Anthony_E ,
just to give you an update, i've terminated all the task but i was asked for these questions:
it seems that it is not possible to census the individual user but it is necessary to put them in a specific group on the azure AD side in order to manage sso?
in this case i am wondering if it is possible to have a timeout for SSO disconnection. .
For example, if the computer is used by multiple people and therefore the OS has multiple user profiles how does this work?
If another user logs in from another profile is a second SSO authentication requested or does the session of another previously logged in user remain active (since the association is IP based only)?
Regarding the captive portal for SSO authentication: is it possible to use the same endpoint to log in with SSO from different subnets/interfaces?
This is to avoid having to create for each subnet an app on dedicated azuread with then an SSO object and SSO group for each.
I didn't find any answer in the official doc.
thank you
bye
Hello Maerre,
Thanks a lot for your update!
I will let our engineers reply to your question.
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1673 | |
1083 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.