Collector agent installation

Chapter 3 Authentication for FortiOS 5.0 : Agent-based FSSO : Agent installation : Collector agent installation

To install FSSO, you must obtain the FSSO_Setup file from the Fortinet Support web site. This is available as either an executable (.exe) or a Microsoft Installer (.msi) file. Then you follow these two installation procedures on the server that will run the Collector agent. This can be any server or domain controller that is part of your network. These procedures also installs the DC Agent on all of the domain controllers in your network.

To install the Collector agent

1. Create an account with administrator privileges and a password that does not expire. See Microsoft Advanced Server documentation for help with this task.

To use a non-admin read only account, see “Installing FSSO without using an administrator account”.

2. Log on to the account that you created in Step 1.

3. Double-click the FSSOSetup.exe file.

4. The Fortinet SSO Collector Agent Setup Wizard starts.

5. Select Next.

6. Read and accept the license agreement. Select Next.

7. Optionally, you can change the installation location. Select Next.

8. Optionally, change the User Name.

By default, the agent is installed using the currently running account. If you want FSSO to use another existing admin account, change the User Name using the format DomainName \ UserName. For example if the account is jsmith and the domain is example_corp you would enter example_corp\jsmith.

9. In the Password field, enter the password for the account listed in the User Name field.

10. Select Next.

11. Enable as needed:

• Monitor user logon events and send the information to the FortiGate unit

• Serve NTLM authentication requests coming from FortiGate

By default, both methods are enabled. You can change these options after installation.

12. Select the access method to use for Windows Directory:

• Select Standard to use Windows domain and username credentials.

• Select Advanced if you will set up LDAP access to Windows Directory.

See “Collector agent AD Access mode - Standard versus Advanced”.

13. Select Next and then select Install.

14. If you want to use DC Agent mode, ensure that Launch DC Agent Install Wizard is selected. This will start DC agent installation immediately after you select Finish.

15. Select Finish.


	If you see an error such as Service Fortinet Single Sign On agent (service_FSAE) failed to start, there are two possible reasons for this. Verify the user account you selected has sufficient privileges to run the FSSO service. Also verify the computer system you are attempting to install on is a supported operating system and version.