Hot!LDAP / NTLM authentication with explicit proxy

Author
James_G
Bronze Member
  • Total Posts : 40
  • Scores: 2
  • Reward points: 0
  • Joined: 2016/02/28 02:55:47
  • Status: offline
2018/09/10 10:14:05 (permalink)
0

LDAP / NTLM authentication with explicit proxy

Does anyone have a simple guide to setting up LDAP / NTLM authentication with explicit proxy, without agents or DC polling, using per session HTTP authentication as documented here: https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-WAN-opt/web_proxy.htm
 
PS this unit is running FortiOS 6.0.2
 
In my mind should be simple - but I'm struggling on this one :(
#1

1 Reply Related Threads

    James_G
    Bronze Member
    • Total Posts : 40
    • Scores: 2
    • Reward points: 0
    • Joined: 2016/02/28 02:55:47
    • Status: offline
    Re: LDAP / NTLM authentication with explicit proxy 2018/09/10 14:14:36 (permalink)
    0
    What I am trying to achieve is as documented here - http://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-authentication/FSAE.htm
     
    All I need is NTLM auth to explicit proxy, no other SSO

    Agentless NTLM support

    Agentless NTLM authentication can be configured directly from the FortiGate to the Domain Controller via SMB protocol (no agent is required).
    Note that this authentication method is only supported for proxy policies.
    Syntax
    Note that domain-controller is only available when method is set to ntlm and/or negotiate-ntlm is set to enable.
    config authentication scheme
    edit <name>
    set method ntlm
    set domain-controller <dc-setting>
    next
    end
     
    config user domain-controller
    edit <name>
    set ip-address <dc-ip>
    set port <port> - default = 445
    set domain-name <dns-name>
    set ldap-server <name>
    next
    end
    #2
    Jump to:
    © 2018 APG vNext Commercial Version 5.5