Creating user groups, To create a user group for fsae authentication – Fortinet FSAE User Manual

Using FSAE on your network

Configuring FSAE on FortiGate units

Fortinet Server Authentication Extension Version 1.5 Technical Note
01-30005-0373-20071001

15

Viewing information imported from the Windows AD server

You can view the domain and group information that the FortiGate unit receives
from the AD Server. Go to User > Windows AD.

Figure 3: List of groups from Active Directory server

Creating user groups

You cannot use Active Directory groups directly in FortiGate firewall policies. You
must add Active Directory groups to FortiGate user groups.

An Active Directory group should be belong to only one FortiGate user group. If
you assign it to multiple FortiGate user groups, the FortiGate unit recognizes only
the last user group assignment.

To create a user group for FSAE authentication

1

Go to User > User Group.

2

Select Create New.

The New User Group dialog box opens.

Create New

Add a new Windows AD server.

Name

AD Server

The name defined for the Windows AD server.

Domain

Domain name imported from the Windows AD server.

Groups

The group names imported from the Windows AD server.

FSAE Collector IP

The IP address of the Windows AD server

Delete icon

Delete this Windows AD server definition.

Edit icon

Edit this Windows AD server definition.

Refresh icon

Get user group information from the Windows AD server.

AD Server

Domain

Groups

Delete

Edit

Refresh