FSSO in polling mode for Windows AD

Facebooktwittergoogle_pluslinkedinFacebooktwittergoogle_pluslinkedin

In this recipe, you use Fortinet single sign-on (FSSO) in polling mode to allow users to log in to the network once with their Windows Active Directory (AD) credentials and seamlessly access all appropriate network resources.

1. Creating a Fabric Connector

To configure the LDAP service, go to User & Device > LDAP Servers and select Create New.

Enter all information about your LDAP server. Select Test Connectivity. If your information is correct, Connection status is Successful.

To create a Fabric Connector, go to Security Fabric > Fabric Connectors and select Create New.

Under SSO/Identity, select Poll Active Directory Server.

Set the Server IP/Name and enter the credentials for the administrator account. Set LDAP Server to the new LDAP service.

Your FortiGate displays information retrieved from the AD server. Select Groups, then right-click the FSSO group and select + Add Selected.

Select Selected. The list includes the FSSO group.

2. Creating a user group

To create a user group for FSSO users, go to User & Device > User Groups and select Create New.

Enter a group Name and set Type to Fortinet Single Sign-On (FSSO). Add the FSSO users to Members.

3. Creating a policy

To create a policy for FSSO users, go to Policy & Objects > IPv4 Policy and select Create New.

For Source, set User to the FSSO user group.

4. Results

Log in to a computer on the domain and access the Internet. The FortiGate uses FSSO for authentication and doesn’t require your credentials to be entered again.
On the FortiGate, go to Monitor > Firewall User Monitor and select Show all FSSO Logons.

For further reading, check out Single sign-on to Windows AD in the FortiOS 6.0 Online Help.

Victoria Martin

Victoria Martin

Technical Writer at Fortinet
Victoria Martin works in Ottawa as part of the FortiOS technical documentation team. She graduated with a Bachelor's degree from Mount Allison University, after which she attended Humber College's book publishing program, followed by the more practical technical writing program at Algonquin College. She does need glasses but also likes wearing them, since glasses make you look smarter.
Victoria Martin

Latest posts by Victoria Martin (see all)

Facebooktwittergoogle_pluslinkedinFacebooktwittergoogle_pluslinkedin