Hot!SAML SSO option missing in the GUI

Author
bascheew
Bronze Member
  • Total Posts : 34
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/06/01 10:34:52
  • Status: offline
2019/10/30 12:59:25 (permalink)
0

SAML SSO option missing in the GUI

We would like to use Office 365 for SSO.  This document describes how to use Azure as an SSO Identity Provider: https://kb.fortinet.com/kb/documentLink.do?externalID=FD45699
 
The document instructs to go to "SAML SSO", however I do not see "SAML SSO" under the "User and Device" section of the GUI. Running 6.2.2 and as far as I can tell it's not an option under feature visibility that is turned off.  Any ideas?
 

Attached Image(s)

#1
Alivo_ FTNT
Expert Member
  • Total Posts : 94
  • Scores: 46
  • Reward points: 0
  • Joined: 2013/04/30 12:42:47
  • Location: Fortinet TAC Prague
  • Status: offline
Re: SAML SSO option missing in the GUI 2019/11/01 03:45:31 (permalink)
0
Hello,
It is under Security Fabric > Security Settings > Enable Telemetry, set FortiGate as root,
It will ask you for IP of FortiAnalyzer > use 0.0.0.0. Rest can be configured there as it is in:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/952688/manual-saml-sso-configuration
 
Best Regards,
Alivo
#2
bascheew
Bronze Member
  • Total Posts : 34
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/06/01 10:34:52
  • Status: offline
Re: SAML SSO option missing in the GUI 2019/11/04 14:14:52 (permalink)
0
Under Security Fabric -> Settings, I only have options for FortiAnalyzer (which we have our Fortianalyzer server setup there) and Cloud Logging.  I do not have a Telemetry setting.  Please note this is under a VDOM.
 
If I go to the Global VDOM, then I also see "Central Management" which we have setup for the FortiManager, "Sandbox Inspection", "Fabric Devices" and "Forticlient Enpoint Management System".
 
 
 
 

Attached Image(s)

#3
jforeman
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/10/19 05:33:31
  • Status: offline
Re: SAML SSO option missing in the GUI 2020/04/22 11:27:34 (permalink)
0
Pavel_Livonec_FTNT
Hello,
It is under Security Fabric > Security Settings > Enable Telemetry, set FortiGate as root,
It will ask you for IP of FortiAnalyzer > use 0.0.0.0. Rest can be configured there as it is in:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/952688/manual-saml-sso-configuration
 
Best Regards,
Alivo




I've done this but I'm still not seeing SAML SSO under User & Device. 101F in HA, no VDOM, 6.2.3.
#4
chrismo16
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/04/22 14:20:42
  • Status: offline
Re: SAML SSO option missing in the GUI 2020/04/22 14:22:15 (permalink)
0
I don't think the Telemetry answer is related to the OP.
 
I also would like to configure SAML for admin SSO and do not have the option in Users & devices.
 
Please advise. 
#5
jforeman
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/10/19 05:33:31
  • Status: offline
Re: SAML SSO option missing in the GUI 2020/04/22 20:42:34 (permalink)
0
@chrismo16 
I think that the telemetry answer is definitely in response to OP's question. I think there's a dependency on having it set up for SSO to work.
#6
scerazy
Gold Member
  • Total Posts : 190
  • Scores: 2
  • Reward points: 0
  • Joined: 2009/12/22 14:09:01
  • Status: offline
Re: SAML SSO option missing in the GUI 2020/07/31 11:15:06 (permalink)
0
Anybody has definitive answer to get it to show GUI: User & Device -> SAML SSO
 
Seb
#7
boneyard
Gold Member
  • Total Posts : 229
  • Scores: 10
  • Reward points: 0
  • Joined: 2014/07/30 11:15:18
  • Status: offline
Re: SAML SSO option missing in the GUI 2020/09/16 00:44:07 (permalink)
0
depending on your FortiOS version you won't be able to get it and if you do you will loose it with an upgrade. as people mentioned the SAML config moved to the Security Fabric section and that menu option is gone. this was confirm by Fortinet support.
 
the work around mentioned here didn't quite work for me, i just set it up via the CLI (6.2.4) and then was able to see it when enabling Security Fabric / Telemetry. In 6.4.2 it worked better as described above.
#8
Jump to:
© 2020 APG vNext Commercial Version 5.5