User Groups Management Settings on FortiAuthenticator
To configure on FortiAuthenticator the assertion attribute that will be used to map users’ permissions to access FortiEDR:
- Go to Authentication > User Management > User Groups.
- Select Create New.
- Specify a name for the group to be used for setting User access permissions for FortiEDR. In our example, we used groupuser.
- In the Users section, select all the FortiAuthenticator users to be assigned with User permission to the FortiEDR Central Manager Console in order to add them to this User Group.
- Click OK to save the configuration.
- Repeat steps 1 – 5 above in order to also create Local Admin, Admin and API groups and in order to select the users to be assigned with these access permissions to the FortiEDR Central Manager Console.
In our example, we created a group named groupadmin and assigned this user the same Admin permissions to the FortiEDR Central Manager Console, as shown below:
Note – New or existing FortiAuthenticator users can also be configured into groups on the Local Users create and edit page.