Hi,
new in FG and new here, so please forgive me if something isn't clear.
Short description: FG100D v6.0.1 build 0131

I want to allow logging to the FG device (GUI and CLI) using an AD group (update the AD group to allow/deny logging to the device). So I've set up an LDAP server, a User Group that includes the AD server, and an Admin user with that UserGroup. Next to LDAP I also have RADIUS set up > pointing to MS NPS - this is used for L2TP VPN access.

Now - when I add a user to the related AD group for logging, it does not work and ends with:
- debug application fnbamd -1 shows: fnbamd_ldap_result-Failed group matching
- System Event shows: Administrator admin_test login failed from https(IP) because of invalid password

However, if I add the admin_test AD account to the AD group for VPN (this group is added/set up on the MS NPS server, not on the FG device), then the admin_test AD account can successfully log in to the FG.

Question: What am I doing wrong?

Attached is a file with settings and debug log.

Many thanks in advance.
jyndros
Hi experts, no one can help me?
wow was hoping to find an answer for that
Hello,
I've solved this by adding the group in the firewall policy rule.
Best regards,
Copyright 2024 Fortinet, Inc. All Rights Reserved.