Admin Authenticatiom from external servers
I work for an org which prefers to control authentication and provisioning of accounts by AD. However, we have a multi-tier access where some people get super_user, others just standard, etc. some might even be assigned to a specific Adom. all of which would be based on AD group.
When reading the documentation, it looks like i can only set the wildcard to one user (tried it practice and more than one causes an auth error). So when i am looking for is maybe switching to radius auth, but i still cannot figure out how to assign permissions dynamically based on the user. there is the " Fortinet-Group-Name " attribute, but not sure how i would use it here since the fortimanager does not have groups.
I cannot imagine we are the only one who prefers to do it this way. Otherwise every new staff member would be a huge checklist to go fiddle with each system like the fortimanager.