Fortinet black logo

New Features

Synchronizing LDAP Active Directory users to FortiToken Cloud using the two-factor filter 7.2.1

Copy Link
Copy Doc ID 77966226-6996-11ec-bdf2-fa163e15d75b:80565
Download PDF

Synchronizing LDAP Active Directory users to FortiToken Cloud using the two-factor filter 7.2.1

To synchronize Active Directory users and apply two-factor authentication using FortiToken Cloud, two-factor authentication can be enabled in the user ldap object definition in FortiOS. By default, FortiOS retrieves all Active Directory users in the LDAP server with a valid email or mobile number (mail and mobile attributes), and synchronizes the users to FortiToken Cloud. Users are then created on FortiToken Cloud and activation is sent out using email or SMS.

Two-factor filters can be used to reduce the number of the Active Directory users returned, and only synchronize the users who meet the filter criteria.

For more information about this feature, see Synchronizing LDAP Active Directory users to FortiToken Cloud using the group filter. This example is for FortiOS 7.0.6 and uses the group-filter option, which is replaced with two-factor-filter in FortiOS 7.2.1 and later.

Synchronizing LDAP Active Directory users to FortiToken Cloud using the two-factor filter 7.2.1

To synchronize Active Directory users and apply two-factor authentication using FortiToken Cloud, two-factor authentication can be enabled in the user ldap object definition in FortiOS. By default, FortiOS retrieves all Active Directory users in the LDAP server with a valid email or mobile number (mail and mobile attributes), and synchronizes the users to FortiToken Cloud. Users are then created on FortiToken Cloud and activation is sent out using email or SMS.

Two-factor filters can be used to reduce the number of the Active Directory users returned, and only synchronize the users who meet the filter criteria.

For more information about this feature, see Synchronizing LDAP Active Directory users to FortiToken Cloud using the group filter. This example is for FortiOS 7.0.6 and uses the group-filter option, which is replaced with two-factor-filter in FortiOS 7.2.1 and later.