FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102 327
Configuring a Windows AD server
Go to User > Windows AD and select Create New or the Edit icon of an existing
Windows AD server.
Figure 213: Windows AD server configuration
User group
A user group is a list of user identities. An identity can be:
• a local user account (user name and password) stored on the FortiGate unit
• a local user account with a password stored on a RADIUS or LDAP server
• a RADIUS or LDAP server (all identities on the server can authenticate)
• a user group defined on a Microsoft Active Directory server
In most cases, the FortiGate unit authenticates users by requesting their user
name and password. The FortiGate unit checks local user accounts first. If a
match is not found, the FortiGate unit checks the RADIUS or LDAP servers that
belong to the user group. Authentication succeeds when a matching user name
and password are found.
For an Active Directory user group, the Active Directory server authenticates
users when they log on to the network. The FortiGate unit receives the user’s
name and IP address from the FSAE collector agent. For more information about
FSAE, see the FSAE Technical Note.
Name
    Type or edit the name of the Windows AD server. This name appears in
    the list of Windows AD servers when you create user groups.

Enter the following information for up to five collector agents.

FSAE Collector IP
    Type or edit the IP address of the Windows AD server where this
    collector agent is installed.
Port
    Type or edit the TCP port used for Windows AD. This must be the same
    as the FortiGate listening port specified in the FSAE collector agent
    configuration.
Password
    Type or edit the password for the collector agent. This is required only if
    you configured your FSAE collector agent to require authenticated
    access.