Configure two-factor authentication on FortiAuthenticator
To configure a remote user sync rule:
- Go to Authentication > User Management > Remote User Sync Rules, and click Create New.
- Configure the following settings:
- Name: Enter a name for the sync rule (e.g. AD).
- Remote LDAP: Select your remote LDAP server.
- Configure the token-based sync priority settings under Synchronization Attributes by enabling and ordering the authentication sync priorities.
- Select or create a user group to associate users with from the dropdown menu.
- The remaining settings can be configured to your preference or left in their default state.
- Click OK to save your changes when completed.
This example scenario uses FortiToken Cloud for two-factor authentication, so the priority is FortiToken Cloud followed by None (users are synced explicitly with no token-based authentication).
To configure remote users with two-factor authentication:
- Go to Authentication > User Management > Remote Users and Import users from your Active Directory account.
- Edit a user and enable Token-based authentication, and select FortiToken > Cloud as the delivery method.
- Click OK to save your changes.