Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiAuthenticator 6.0.5 Administration Guide
    6.0.5
    6.6.2
    6.6.1
    6.6.0
    6.5.5
    6.5.4
    6.5.3
    6.5.2
    6.5.1
    6.5.0
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.4
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.2
    6.2.1
    6.2.0
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.5.0
    5.4.0
    5.3.0
    5.2.0
    5.1.0
    5.0.0
    4.3.0
    4.2.1
    4.2.0

    SSO

    SSO

    FortiAuthenticator can monitor the units that make up FSSO. This is useful to ensure there is a connection to the different components when troubleshooting.

    Domains

    To monitor SSO domains, go to Monitor > SSO > Domains. Select Refresh to refresh the domain list. Select Expand All to expand all of the listed domains, or Collapse All to collapse the view.

    All configured domain controllers appear in the domain list. Each domain controller is displayed in:

    • green if the last connection attempt was successful.
    • gray if no recent connection information is available.
    • red if the last connection attempt failed.

    Hold the pointer over a domain controller to view the status of the last LDAP query, how long ago it was, and the LDAP query's response time in milliseconds (ms). This response time will show a warning icon if the highest recent response time is above 500 ms.

    In addition, you can click on the domain controller entry to view statistics for the 100-most recent LDAP queries. The listed response times are color coordinated as follows: green for less than 500 ms, orange for between 500 and 1000 ms, and red for more than, or equal to, 1000 ms.

    SSO sessions

    To monitor SSO sessions, go to Monitor > SSO > SSO Sessions. Users can be manually logged off of if required.

    The following information is available:

    Refresh Refresh the SSO sessions list.
    Logoff All Log off all of the connected users.
    Logoff Selected Log off only the selected users.
    Search Enter a search term in the search field, then select Search to search the SSO sessions list.
    Filter

    Filter the SSO session list by the source of the connection and/or by Domain Group.

    To view SSO sessions not associated with any configured domain grouping, select Default.
    Logon Time When the session was started.
    Update Time When the session was last updated.
    Workstation The workstation that the user is using.
    IP address The IP address of the workstation.
    Domain Grouping The domain group to which the domain belongs.
    Domain The domain to which the user belongs.
    Username The username of the user.
    Source The source of the connection.
    Group The group to which the user belongs.

    Windows event log sources

    Windows event log sources can be viewed by going to Monitor > SSO > Windows Event Log Sources.

    The sources list can be refreshed by selecting Refresh, and searched using the search field.

    The list shows the total number of events, as well as the most recent event.

    FortiGates

    FortiGate units that are registered with FortiAuthenticator can be viewed at Monitor > SSO > FortiGates.

    The list can be refreshed by selecting Refresh and searched using the search field. The list shows the connection time of each device, as well as its IP address and serial number.

    User authentication events are logged in the FortiGate event log. See the FortiGate Handbook for more information.

    DC/TS agents

    Domain controller (DC) agents and terminal server (TS) agents that are registered with FortiAuthenticator can be viewed at Monitor > SSO > DC/TS Agents.

    The list can be refreshed by selecting Refresh and searched using the search field.

    The list shows the server name of each agent, as well as its IP address, its agent type, last connection time, connection status, and the number of logged-on users.

    NTLM statistics

    Dumped NTLM statistics can be viewed at Monitor > SSO > NTLM Statistics.

    The statistics can be refreshed and cleared by selecting Refresh and Clear respectively.

    Previous
    Next

    SSO

    SSO

    FortiAuthenticator can monitor the units that make up FSSO. This is useful to ensure there is a connection to the different components when troubleshooting.

    Domains

    To monitor SSO domains, go to Monitor > SSO > Domains. Select Refresh to refresh the domain list. Select Expand All to expand all of the listed domains, or Collapse All to collapse the view.

    All configured domain controllers appear in the domain list. Each domain controller is displayed in:

    • green if the last connection attempt was successful.
    • gray if no recent connection information is available.
    • red if the last connection attempt failed.

    Hold the pointer over a domain controller to view the status of the last LDAP query, how long ago it was, and the LDAP query's response time in milliseconds (ms). This response time will show a warning icon if the highest recent response time is above 500 ms.

    In addition, you can click on the domain controller entry to view statistics for the 100-most recent LDAP queries. The listed response times are color coordinated as follows: green for less than 500 ms, orange for between 500 and 1000 ms, and red for more than, or equal to, 1000 ms.

    SSO sessions

    To monitor SSO sessions, go to Monitor > SSO > SSO Sessions. Users can be manually logged off of if required.

    The following information is available:

    Refresh Refresh the SSO sessions list.
    Logoff All Log off all of the connected users.
    Logoff Selected Log off only the selected users.
    Search Enter a search term in the search field, then select Search to search the SSO sessions list.
    Filter

    Filter the SSO session list by the source of the connection and/or by Domain Group.

    To view SSO sessions not associated with any configured domain grouping, select Default.
    Logon Time When the session was started.
    Update Time When the session was last updated.
    Workstation The workstation that the user is using.
    IP address The IP address of the workstation.
    Domain Grouping The domain group to which the domain belongs.
    Domain The domain to which the user belongs.
    Username The username of the user.
    Source The source of the connection.
    Group The group to which the user belongs.

    Windows event log sources

    Windows event log sources can be viewed by going to Monitor > SSO > Windows Event Log Sources.

    The sources list can be refreshed by selecting Refresh, and searched using the search field.

    The list shows the total number of events, as well as the most recent event.

    FortiGates

    FortiGate units that are registered with FortiAuthenticator can be viewed at Monitor > SSO > FortiGates.

    The list can be refreshed by selecting Refresh and searched using the search field. The list shows the connection time of each device, as well as its IP address and serial number.

    User authentication events are logged in the FortiGate event log. See the FortiGate Handbook for more information.

    DC/TS agents

    Domain controller (DC) agents and terminal server (TS) agents that are registered with FortiAuthenticator can be viewed at Monitor > SSO > DC/TS Agents.

    The list can be refreshed by selecting Refresh and searched using the search field.

    The list shows the server name of each agent, as well as its IP address, its agent type, last connection time, connection status, and the number of logged-on users.

    NTLM statistics

    Dumped NTLM statistics can be viewed at Monitor > SSO > NTLM Statistics.

    The statistics can be refreshed and cleared by selecting Refresh and Clear respectively.

    Previous
    Next