Fortinet FSAE ユーザーズマニュアル
Using FSAE on your network
Configuring FSAE on FortiGate units
Fortinet Server Authentication Extension Version 1.5 Technical Note
01-30005-0373-20071001
01-30005-0373-20071001
15
Viewing information imported from the Windows AD server
You can view the domain and group information that the FortiGate unit receives
from the AD Server. Go to User > Windows AD.
from the AD Server. Go to User > Windows AD.
Figure 3: List of groups from Active Directory server
Creating user groups
You cannot use Active Directory groups directly in FortiGate firewall policies. You
must add Active Directory groups to FortiGate user groups.
must add Active Directory groups to FortiGate user groups.
An Active Directory group should be belong to only one FortiGate user group. If
you assign it to multiple FortiGate user groups, the FortiGate unit recognizes only
the last user group assignment.
you assign it to multiple FortiGate user groups, the FortiGate unit recognizes only
the last user group assignment.
To create a user group for FSAE authentication
1
Go to User > User Group.
2
Select Create New.
The New User Group dialog box opens.
Create New
Add a new Windows AD server.
Name
AD Server
The name defined for the Windows AD server.
Domain
Domain name imported from the Windows AD server.
Groups
The group names imported from the Windows AD server.
FSAE Collector IP
The IP address of the Windows AD server
Delete icon
Delete this Windows AD server definition.
Edit icon
Edit this Windows AD server definition.
Refresh icon
Get user group information from the Windows AD server.
AD Server
Domain
Groups
Delete
Edit
Refresh