Fortinet black logo

New Features

Home FortiManager 6.2.2 New Features

Directly use FSSO address group in firewall policies

6.2.2
7.4.0
7.2.0
7.0.0
6.4.0
6.2.7
6.2.3
6.2.2
6.2.1
6.2.0
Copy Link
Copy Doc ID fb7e22ea-ce9a-11e9-8977-00505692583a:381772
Download PDF

Directly use FSSO address group in firewall policies

Administrators can now directly use FSSO address group in firewall policies.

Case 1:
  1. FortiManager has an FSSO Agent with 46 Active Directory groups.

  2. In the Edit Policy page, Active Directory groups can be directly used under FSSO groups, and there is no need to create an FSSO type user group.

Case 2:
  1. FortiManager has an LDAP server named ldap1.

  2. Under FSSO Agent, configure the following:
  • User Group source: Local
  • LDAP Server : ldap1
  • Specify the search filter as (objectCategory=group).

  • In the policy create/edit page, you can view all the user groups from the LDAP server as Active Directory Group for FSSO Groups.

  • Install the changes to FortiGate.

    • Previous
    Next

    Related Videos

    sidebar video

    Directly Use FSSO Groups in Firewall Policies

    • 1,352 views
    • 3 years ago

    Directly use FSSO address group in firewall policies

    Administrators can now directly use FSSO address group in firewall policies.

    Case 1:
    1. FortiManager has an FSSO Agent with 46 Active Directory groups.

    2. In the Edit Policy page, Active Directory groups can be directly used under FSSO groups, and there is no need to create an FSSO type user group.

    Case 2:
    1. FortiManager has an LDAP server named ldap1.

    2. Under FSSO Agent, configure the following:
    • User Group source: Local
    • LDAP Server : ldap1
  • Specify the search filter as (objectCategory=group).

  • In the policy create/edit page, you can view all the user groups from the LDAP server as Active Directory Group for FSSO Groups.

  • Install the changes to FortiGate.

    • Previous
    Next