To specify the collector agent for FSSO – CLI:

config user fsso edit “WinGroups”

set ldap-server “ADserver” set password ENC

G7GQV7NEqilCM9jKmVmJJFVvhQ2+wtNEe9T0iYA5Sa+EqT2J8zhOrbkJFDr0RmY3c4LaoXdsoBczA

1dONmcGfthTxxwGsigzGpbJdC71spFlQYtj set server “10.11.101.160”

end

 

 

To create the FSSO_Internet-users user group – web-based manager:

1. Go to User & Device > User > User Groups and select Create New.

2. Enter the following information and then select OK:

Name                                           FSSO_Internet_users

Type                                            Fortinet Single Sign-On (FSSO)

Members                                    Engineering, Sales

 

To create the FSSO_Internet-users user group – CLI:

config user group

edit FSSO_Internet_users

set group-type fsso-service

set member CN=Engineering,cn=users,dc=office,dc=example,dc=com

CN=Sales,cn=users,dc=office,dc=example,dc=com

end

 

Creating the Firewall user group

The non-FSSO users need a user group too. In this example, only two users are shown, but additional members can be added easily.

 

To create the firewall user group – web-based manager:

1. Go to User & Device > User > User Groups and select Create New.

2. Enter the following information and then select OK:

Name                                           Internet_users

Type                                            Firewall

Members                                    User1, User2

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!