management using domain credentials

Author
dirkdigs
2020/01/02 08:54:10


Hi, I know there is LDAP authentication for FortiClient VPN and single sign-on, but is it possible to manage the firewall itself using a domain account? Or does it have to be a local account?
 
thanks, 
#1


    emnoc
    Re: management using domain credentials 2020/01/02 09:39:28
    Yes, you can use LDAP to authenticate admins. Define your LDAP server and an admin account for remote wildcard login and have at it. It's quite useful and works.
     
    e.g. (JumpCloud, but this would be your MS-AD)
     
    config user ldap
    edit "jumpcloud"
    set server "52.23.54.171"
    set server-identity-check disable
    set cnid "uid"
    set dn "ou=Users,o=ffffffff,dc=jumpcloud,dc=com"
    set type regular
    set username "uid=ldap,ou=Users,o=ffffffff,dc=jumpcloud,dc=com"
    set password ENC MTAwNKmn03+4Pgekv6+UTNfl9ISOH4bEPq4DzweqTkzcIwnzy6ZZMoYUtvQQHdLrwrwFTyua+eEJRr3EmC3cdnxD89X3tC5WXWNGj8okGZMWHL9kiK8D0PQo49UC96aNU+EbHRJSXrA2u5QAAlfumOGDSNvoYTmeA0gp2te3jkqdwo3VBUugRAgb/9p0Tl7IIa4HNw==
    set secure ldaps
    set port 636
    next
    end
     
     

    config sys admin
        edit "wildcards"
            set remote-auth enable
            set wildcard enable
            set accprofile "super_admin"
            set vdom "root"
            set remote-group "ldap-jc"
        next
    end
     
    LDAP server is a member of group ldap-jc
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #2
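An added example, not part of the posts above and not Fortinet code: a small Python check that reads FortiOS-style config text like the one posted and lists settings to review before LDAP-backed admin logins go live (LDAPS identity check disabled, super_admin handed to remote logins, a remote group that is not defined). The function names and the trimmed SAMPLE text are assumptions made for this illustration.

```python
import re

# Constructed input: a trimmed copy of the config in the reply above.
SAMPLE = '''config user ldap
    edit "jumpcloud"
        set server-identity-check disable
        set secure ldaps
    next
end
config sys admin
    edit "wildcards"
        set remote-auth enable
        set accprofile "super_admin"
        set remote-group "ldap-jc"
end
'''

def parse(text):
    """Return {section: {entry: {key: value}}} for top-level config blocks."""
    tree, section, entry, depth = {}, None, None, 0
    for line in text.splitlines():
        words = [w.strip('"') for w in re.findall(r'"[^"]*"|\S+', line)] or [""]
        if words[0] == "config":
            depth += 1
            if depth == 1:
                section, entry = tree.setdefault(" ".join(words[1:]), {}), None
        elif words[0] == "end":
            depth -= 1  # leaving a nested block returns to the outer entry
        elif depth == 1 and words[0] == "edit":
            entry = section.setdefault(words[1], {})
        elif depth == 1 and words[0] == "set" and entry is not None:
            entry[words[1]] = " ".join(words[2:])
    return tree

def audit(text):
    """List review findings for LDAP-backed administrator logins."""
    tree, out = parse(text), []
    for name, s in tree.get("user ldap", {}).items():
        if s.get("server-identity-check") == "disable":
            out.append(f"ldap {name}: server certificate identity is not checked")
        if s.get("secure") not in ("ldaps", "starttls"):
            out.append(f"ldap {name}: bind and login passwords are sent unencrypted")
    admins = {**tree.get("sys admin", {}), **tree.get("system admin", {})}
    remote = {n: a for n, a in admins.items() if a.get("remote-auth") == "enable"}
    for name, s in remote.items():
        if s.get("accprofile") == "super_admin":
            out.append(f"admin {name}: remote logins receive super_admin")
        if s.get("remote-group") not in tree.get("user group", {}):
            out.append(f"admin {name}: remote-group {s.get('remote-group')} is not defined here")
    return out
```

Calling `audit(SAMPLE)` returns three findings; the last one appears only because the `config user group` block for ldap-jc is not part of the posted text.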