Active directory (LDAP)'s user names and Fortinet firewall.

Author
zee
2019/07/13 08:42:18

Hi all,
Please consider the following example:

FW----------Domain Controller (AD)

The FW above is a Fortinet firewall.

Active Directory contains 100-plus user names/passwords.
All 100 users should be able to log in to the FW using Active Directory credentials.
We noticed the following:
The FW needs to be manually configured with all 100 user names; the FW will not query AD if it does not have the user name configured on it.
Is there any way I can do the following?
FW does need to be configured with Active Directory user names, FW simply queries AD for user authentication.

Thanks and have a nice weekend!!
#1


    hubertzw
    Re: Active directory (LDAP)'s user names and Fortinet firewall. 2019/07/15 04:06:20
    #2
    ede_pfau
    Re: Active directory (LDAP)'s user names and Fortinet firewall. 2019/07/15 07:28:28
    You NEVER need local users to be able to authenticate them on MS-AD/LDAP. (They may be convenient as backups, if the LDAP is not reachable).
    FSSO is the way to go, either with an agent on the DC or in polling mode (which is more load on the DC but might work for 100 users).

    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #3