Fortinet black logo

Administration Guide

Fortinet single sign-on agent

Fortinet single sign-on agent

To create an FSSO agent connector in the GUI:
  1. Go to Security Fabric > External Connectors.
  2. Click Create New.
  3. In the Endpoint/Identity section, click FSSO Agent on Windows AD.

  4. Fill in the Name, and Primary FSSO Agent server IP address or name and Password.
  5. Optionally, add more FSSO agents by clicking the plus icon.
  6. Optionally, enable Trusted SSL certificate and select or import a certificate.
  7. Select the User group source:
    • Collector Agent: User groups will be pushed to the FortiGate from the collector agent. Click Apply & Refresh to fetch group filters from the collector agent.
    • Local: User groups will be specified in the FortiGate unit's configuration. Select the LDAP server from the list, then click Edit to select the Users, Groups, and Organizational Units. Optionally, enable Proactively retrieve from LDAP server and configure the Search filter and Interval.
  8. Click OK.

Fortinet single sign-on agent

To create an FSSO agent connector in the GUI:
  1. Go to Security Fabric > External Connectors.
  2. Click Create New.
  3. In the Endpoint/Identity section, click FSSO Agent on Windows AD.

  4. Fill in the Name, and Primary FSSO Agent server IP address or name and Password.
  5. Optionally, add more FSSO agents by clicking the plus icon.
  6. Optionally, enable Trusted SSL certificate and select or import a certificate.
  7. Select the User group source:
    • Collector Agent: User groups will be pushed to the FortiGate from the collector agent. Click Apply & Refresh to fetch group filters from the collector agent.
    • Local: User groups will be specified in the FortiGate unit's configuration. Select the LDAP server from the list, then click Edit to select the Users, Groups, and Organizational Units. Optionally, enable Proactively retrieve from LDAP server and configure the Search filter and Interval.
  8. Click OK.