To specify the collector agent for FSSO – CLI:
config user fsso edit “WinGroups”
set ldap-server “ADserver” set password ENC
G7GQV7NEqilCM9jKmVmJJFVvhQ2+wtNEe9T0iYA5Sa+EqT2J8zhOrbkJFDr0RmY3c4LaoXdsoBczA
1dONmcGfthTxxwGsigzGpbJdC71spFlQYtj set server “10.11.101.160”
end
To create the FSSO_Internet-users user group – web-based manager:
1. Go to User & Device > User > User Groups and select Create New.
2. Enter the following information and then select OK:
Name FSSO_Internet_users
Type Fortinet Single Sign-On (FSSO)
Members Engineering, Sales
To create the FSSO_Internet-users user group – CLI:
config user group
edit FSSO_Internet_users
set group-type fsso-service
set member CN=Engineering,cn=users,dc=office,dc=example,dc=com
CN=Sales,cn=users,dc=office,dc=example,dc=com
end
Creating the Firewall user group
The non-FSSO users need a user group too. In this example, only two users are shown, but additional members can be added easily.
To create the firewall user group – web-based manager:
1. Go to User & Device > User > User Groups and select Create New.
2. Enter the following information and then select OK:
Name Internet_users
Type Firewall
Members User1, User2
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!