Domain groupings enable you to identify and group together SSO sessions from domains belonging to a specific FortiGate or virtual domain (VDOM). This is useful in environments where the networks behind each FortiGate or VDOM have their own set of users and IP subnets. Domain groupings allow the FortiAuthenticator to return only the SSO sessions belonging to users from a specific FortiGate or VDOM.
To manage domain groupings, go to Fortinet SSO Methods > SSO > Domain Groupings.
The following options are available:
Configure a new domain grouping.
|Delete||Delete the selected domain groupings.|
|Edit||Edit the selected domain grouping.|
|Name||The name of the domain grouping.|
|Description||A description of the domain grouping.|
|Domains||A list of domains that belong to the domain grouping.|
Logins from domains that do not belong to any other configured domain grouping will be assigned to the Default domain grouping.
- From the Domain Groupings list, select Create New.
- Enter the following information:
- Select OK to create the new domain grouping.
The Create New Domain Grouping window opens.
|Name||Enter a name for the domain grouping.|
|Description||Optionally, enter a description for the domain grouping.|
Enter the domains that belong to the domain grouping, separated with commas or line breaks.
Note: A domain can only belong to one domain grouping.
After domain groupings are defined, the SSO sessions list displays the corresponding domain grouping of each SSO session. See SSO for more information.