Because you have installed FSSSO in advanced mode, you need to configure LDAP to use with FSSO.
- To configure the LDAP service, go to User & Device > LDAP Servers and select Create New.
- Enter all information about your LDAP server. Select Test Connectivity. If your information is correct, Connection status is Successful.
- Create a Fabric Connector to the FSSO agent by going to Security Fabric > Fabric Connectors and select + Create New.
- Under SSO/Identity, select Fortinet Single Sign-On Agent.
- Set the Name and enter the IP address and password for the Primary FSSO Agent.
- Set Collector Agent AD access mode to Advanced and set LDAP Server to the new LDAP service.
- Your FortiGate displays information retrieved from the AD server. Select Groups, then right-click the FSSO group and select + Add Selected.
- Select Selected.
- To create a user group for FSSO users, go to User & Device > User Groups and select Create New.
- Enter a group Name and set Type to Fortinet Single Sign-On (FSSO). Add the FSSO users to Members.
- To create a policy for FSSO users, go to Policy & Objects > IPv4 Policy and select Create New.
- For Source, set User to the FSSO user group.
The FSSO group is shown.