config authentication scheme
Description: Configure Authentication Schemes.
edit <name>
set method {option1}, {option2}, ...
set negotiate-ntlm [enable|disable]
set kerberos-keytab {string}
set domain-controller {string}
set fsso-agent-for-ntlm {string}
set require-tfa [enable|disable]
set fsso-guest [enable|disable]
set user-database <name1>, <name2>, ...
set ssh-ca {string}
next
end| Parameter Name | Description | Type | Size |
|---|---|---|---|
| method | Authentication methods (default = basic). ntlm: NTLM authentication. basic: Basic HTTP authentication. digest: Digest HTTP authentication. form: Form-based HTTP authentication. negotiate: Negotiate authentication. fsso: Fortinet Single Sign-On (FSSO) authentication. rsso: RADIUS Single Sign-On (RSSO) authentication. ssh-publickey: Public key based SSH authentication. |
option | - |
| negotiate-ntlm | Enable/disable negotiate authentication for NTLM (default = disable). enable: Enable negotiate authentication for NTLM. disable: Disable negotiate authentication for NTLM. |
option | - |
| kerberos-keytab | Kerberos keytab setting. | string | Maximum length: 35 |
| domain-controller | Domain controller setting. | string | Maximum length: 35 |
| fsso-agent-for-ntlm | FSSO agent to use for NTLM authentication. | string | Maximum length: 35 |
| require-tfa | Enable/disable two-factor authentication (default = disable). enable: Enable two-factor authentication. disable: Disable two-factor authentication. |
option | - |
| fsso-guest | Enable/disable user fsso-guest authentication (default = disable). enable: Enable user fsso-guest authentication. disable: Disable user fsso-guest authentication. |
option | - |
user-database <name> |
Authentication server to contain user information; "local" (default) or "123" (for LDAP). Authentication server name. |
string | Maximum length: 79 |
| ssh-ca | SSH CA name. | string | Maximum length: 35 |
config authentication scheme
Description: Configure Authentication Schemes.
edit <name>
set method {option1}, {option2}, ...
set negotiate-ntlm [enable|disable]
set kerberos-keytab {string}
set domain-controller {string}
set fsso-agent-for-ntlm {string}
set require-tfa [enable|disable]
set fsso-guest [enable|disable]
set user-database <name1>, <name2>, ...
set ssh-ca {string}
next
end| Parameter Name | Description | Type | Size |
|---|---|---|---|
| method | Authentication methods (default = basic). ntlm: NTLM authentication. basic: Basic HTTP authentication. digest: Digest HTTP authentication. form: Form-based HTTP authentication. negotiate: Negotiate authentication. fsso: Fortinet Single Sign-On (FSSO) authentication. rsso: RADIUS Single Sign-On (RSSO) authentication. ssh-publickey: Public key based SSH authentication. |
option | - |
| negotiate-ntlm | Enable/disable negotiate authentication for NTLM (default = disable). enable: Enable negotiate authentication for NTLM. disable: Disable negotiate authentication for NTLM. |
option | - |
| kerberos-keytab | Kerberos keytab setting. | string | Maximum length: 35 |
| domain-controller | Domain controller setting. | string | Maximum length: 35 |
| fsso-agent-for-ntlm | FSSO agent to use for NTLM authentication. | string | Maximum length: 35 |
| require-tfa | Enable/disable two-factor authentication (default = disable). enable: Enable two-factor authentication. disable: Disable two-factor authentication. |
option | - |
| fsso-guest | Enable/disable user fsso-guest authentication (default = disable). enable: Enable user fsso-guest authentication. disable: Disable user fsso-guest authentication. |
option | - |
user-database <name> |
Authentication server to contain user information; "local" (default) or "123" (for LDAP). Authentication server name. |
string | Maximum length: 79 |
| ssh-ca | SSH CA name. | string | Maximum length: 35 |