When a FortiClient endpoint is managed by EMS, logged in user and domain information is shared with FortiOS through the EMS connector. This information can be joined with the Exchange connector to produce more complete user information in the user store.
diagnose user-device-store device memory list command displays detailed device information.
In this example, the FortiClient PC user (test1) logs on to the AD domain (FORTINET-FSSO.COM), which is also the same domain as the Exchange server. The user information is pushed to the EMS server that the user is registered to. The FortiGate synchronizes the information from EMS, and at the same time looks up the user on the Exchange server under the Exchange connector. If the user exists on the Exchange server, additional information is fetched. These details are combined in the user store, which is visible in the FortiClient widget in the Status dashboard.
config user exchange edit "exchange-140" set server-name "W2K8-SERV1" set domain-name "FORTINET-FSSO.COM" set username "Administrator" set password ******** next end
config endpoint-control fctems edit "ems133" set server "172.18.62.12" set certificate-fingerprint "4F:A6:76:E2:00:4F:A6:76:E2:00:4F:A6:76:E2:00:E0" next end
- Go to Dashboard > Status.
- In the FortiClient widget, hover over a device or user name to view the information.
# diagnose user-device-store device memory list ... Record #13: device_info 'ipv4_address' = '10.1.100.185' 'mac' = '00:0c:29:11:5b:6b' 'hardware_vendor' = 'VMware' 'vdom' = 'root' 'os_name' = 'Microsoft' 'os_version' = 'Windows 7 Professional Edition, 32-bit Service Pack 1 (build 7601)' 'hostname' = 'win7-5' 'unauth_user' = 'Administrator' 'last_seen' = '1611356490' 'host_src' = 'forticlient' 'user_info_src' = 'forticlient' 'is_forticlient_endpoint' = 'true' 'unjoined_forticlient_endpoint' = 'false' 'is_forticlient_unauth_user' = 'true' 'avatar_source' = 'OS' 'domain' = 'Fortinet-FSSO.COM' 'forticlient_id' = '********************************' 'forticlient_username' = 'Administrator' 'forticlient_version' = '6.4.2' 'on_net' = 'true' 'quarantined_on_forticlient' = 'false' 'vuln_count' = '0' 'vuln_count_critical' = '0' 'vuln_count_high' = '0' 'vuln_count_info' = '0' 'vuln_count_low' = '0' 'vuln_count_medium' = '0' 'is_online' = 'true' interface_info 'ipv4_address' = '10.1.100.185' 'mac' = '00:0c:29:11:5b:6b' 'master_mac' = '00:0c:29:11:5b:6b' 'detected_interface' = 'port10' 'last_seen' = '1611356490' 'is_master_device' = 'true' 'is_detected_interface_role_wan' = 'false' 'detected_interface_fortitelemetry' = 'true' 'forticlient_gateway_interface' = 'port10' 'on_net' = 'true' 'is_online' = 'true'