Domain groupings enable you to identify and group together SSO sessions from domains belonging to a specific FortiGate or virtual domain (VDOM). This is useful in environments where the networks behind each FortiGate or VDOM have their own set of users and IP subnets. Domain groupings allow the FortiAuthenticator to return only the SSO sessions belonging to users from a specific FortiGate or VDOM.
To manage domain groupings, go to Fortinet SSO Methods > SSO > Domain Groupings.
The following options are available:
Configure a new domain grouping.
|Delete||Delete the selected domain groupings.|
|Edit||Edit the selected domain grouping.|
|Name||The name of the domain grouping.|
|Description||A description of the domain grouping.|
|Domains||A list of domains that belong to the domain grouping.|
Logins from domains that do not belong to any other configured domain grouping are assigned to the Default domain grouping.
To create a new domain grouping:
- From the Domain Groupings list, select Create New.
- Enter the following information:
Name Enter a name for the domain grouping. Description Optionally, enter a description for the domain grouping. Domain list
Enter the domains that belong to the domain grouping, separated with commas or line breaks.
Note: A domain can only belong to one domain grouping.
- Select OK to create the new domain grouping.
After domain groupings are defined, the SSO sessions list displays the corresponding domain grouping of each SSO session. See SSO for more information.
The Create New Domain Grouping window opens.