SSO Server List Lists all the collector agents’ lists that you have configured. On this page, you can create, edit or delete FSSO agents. There are different types of FSSO agents, each with its own settings. Note: You can create a redundant configuration on your unit if you install a collector agent on two or more domain controllers. If the current (or first) collector agent fails, the Fortinet unit switches to the next one in its list of up to five collector agents. | |
Create New | Creates a new agent. When you select Create New, you are automatically redirected to the New page. |
Edit | Modifies the settings for the selected SSO server. To remove multiple entries from the list, for each servers you want removed, select the check box and then select Delete. To remove all agents from the list, on the FSSO Agent page, select the check box at the top of the check box column and then select Delete. |
Delete | Removes an agent from the list on the page. |
Settings when Type is Poll Active Directory Server | |
Server IP/Name | The IP address of the domain controller (DC). |
User | The user ID used to access the domain controller. |
Password | Enter the password for the account used to access the DC. |
LDAP Server | Select the check box and select an LDAP server to access the Directory Service. |
Enable Polling | Enable to allow the FortiGate unit to poll this DC. |
Users/Groups | A list of user and user group names retrieved from the DC. |
Settings when Type is Fortinet Single Sign On Agent | |
Name | Enter a name for the SSO server. |
Primary Agent IP/Name Secondary Agent IP/Name | Enter the IP address or name of the Directory Service server where this SSO agent is installed. The maximum number of characters is 63. |
Password | Enter the password for the collector agent. This is required only if you configured your Fortinet Single Sign On Agent collector agent to require authenticated access. |
More FSSO agents | Select to add up to three additional SSO agents. |
LDAP Server | Select the LDAP server. |
Users/Groups | A list of user and user group names retrieved from the server. |
Settings when Type is RADIUS Single Sign On Agent | |
Use RADIUS Shared Secret | Enable |
Shared Secret | Enter the RADIUS server shared secret. |
Send RADIUS Responses | Enable. |