Chapter 5. Authentication
5.2 FSSO
Learning Objectives
- Install FSSO Agent on Windows Server
- Configure FSSO
Scenario: FSSO stands for Fortinet Single Sign-On, and it allows users to log in to the network with a single set of login credentials. In this scenario, we focus on agent-based FSSO and install the agent on Windows Server. Then, whenever anyone logs in through Active Directory, we can track them through FortiGate Logs and Events.
- In this scenario, we are going to join Windows 10 to the Active Directory that we have already set up. The domain controller name is Hamid.local. First, we will join Windows 10 to the domain controller.
- Install FSSO Agent on the AD server.
The password you set here for the agent is going to be used in the FortiGate firewall when you want to connect to the FSSO Agent.
- In the FortiGate firewall, go to Security Fabric > External Connectors > FSSO Agent on Windows AD.
Enter the same password you set in step 2.
- You should be able to connect to the FSSO Agent and verify the status of the external connector.
- Verify your configuration by going to Log & Report > Events > User Events.
- After connecting to the Agent, you should be able to see users and groups in AD when you are creating a new user.
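The connector setup and verification steps above can also be done from the FortiGate CLI. This is an added example, not part of the original lab: the connector name `AD-FSSO`, the server address `192.0.2.10` and the password placeholder are assumptions, and port 8000 is the agent's default listening port.

```fortios
# Define the FSSO connector
# (GUI: Security Fabric > External Connectors > FSSO Agent on Windows AD).
# "AD-FSSO" is a hypothetical connector name; 192.0.2.10 is a constructed
# address standing in for the Windows server that runs the FSSO agent.
# The password must match the one set when the agent was installed.
config user fsso
    edit "AD-FSSO"
        set server "192.0.2.10"
        set port 8000
        set password <agent-password>
    next
end

# Check that the FortiGate is connected to the agent.
diagnose debug enable
diagnose debug authd fsso server-status

# List the logons the agent has reported (user, IP address, groups).
diagnose debug authd fsso list

# Turn debug output off again when finished.
diagnose debug disable
```

If the server status does not show the agent as connected, check that the password matches the one set on the agent and that TCP port 8000 is reachable on the server.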