Providing Single Sign-On in advanced mode for a Windows AD network
167
Configuring the DC agent
for Advanced mode
Log on to the Windows server where the DC
agent is installed. Go to
All Programs >
FortiNet > Fortinet Single Sign On Agent
> Configure Fortinet Single Sign On
Agent
.
Select
Directory Access Information
and
set
AD Access mode
to Advanced.
The rest of the con
fi
guration is done on the
FortiGate unit.
Configuring the FSSO agent
Go to
User & Device > Authentication >
Single Sign-On
to enter the information the
FortiGate unit needs to access the DC agent.
After you select
Apply & Refresh
, the
Windows AD groups are listed. This con
fi
rms
that the FortiGate unit can communicate with
the DC agent.
On a Windows AD network with a large
number of groups, the FortiGate unit’s
performance might be affected by the
volume of user logon information it
receives. Use the
Set Group Filters
function of the DC agent to send
information only for the groups you intend
to authenticate.
THE FOR
TIGA
TE COOKBOOK
Summary of Contents for FortiGate 1U
Page 1: ...FortiOS 5 0 4 1U Models ...
Page 3: ......
Page 4: ...2 ...
Page 5: ...3 QUICKSTART GUIDE FortiGate 1U QuickStart Guide ...
Page 14: ......
Page 15: ...The FortiGate Cookbook Recipes for Success with your FortiGate THE FORTIGATE COOKBOOK ...
Page 16: ......
Page 20: ......
Page 24: ......
Page 88: ......
Page 158: ......
Page 198: ......
Page 229: ...Using redundant OSPF routing over IPsec VPN 209 THE FORTIGATE COOKBOOK ...
Page 235: ...Using redundant OSPF routing over IPsec VPN 215 THE FORTIGATE COOKBOOK ...
Page 238: ......
Page 239: ...About Fortinet High Performace Network Security Q3 2013 ...
Page 253: ...PRODUCT GUIDE Product Guide ...
Page 265: ......