Created on 10-09-2018 10:33 AM Edited on 05-09-2023 06:24 AM By Anthony_E
Description
This article provides steps to import administrative users from an Active Directory Group.
Scope
FortiNAC v8.x, v9.x.
Solution
1) Under System Settings > Authentication > LDAP
- 'Double-click' on the directory.
- Select Search Branches.
- Configure a group search branch mapping.
Under System Settings -> Authentication -> LDAP.
- 'Double-click' on the directory.
- Select the Selected Groups tab.
- Place a checkmark in the group you want to give administrative privileges to (our case: Domain Admins)
Under System -> Scheduler
- Select Synchronize Users with Directory
- Seletc the Run Now button (the previously selected "Domain Admins" group will be imported in FNAC as an Host group.
Under System > Groups
11. Delete the group (because it is imported as a host group)
12. Add a group with the exact same name "Domain Admins"
13. Make the group type Administrator
Under Users > Admin Profiles > Profile Mappings
14. Click Add
15. Use the drop down to select the admin privileges you want the group to have. In our case "Super Administrator"
16. Use the drop down to select the group "Domain Admins"
17. Click the Ok button
Under System > Scheduler
18. Select Synchronize Users with Directory
19. Click the Run Now button
Under Users > Admin Users
20. Verify that the new admin users "fortinet" and "testadmin" that have been imported to this view.
21. Editing the "fortinet" user we will be able to see the account with attributes from LDAP directory
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.