You can manually import endpoints from an AD server. You can import and synchronize information about computer accounts with an LDAP or LDAPS service. You can add endpoints by identifying endpoints that are part of an AD domain server.
A video on how to add a domain is available in the Fortinet Video Library.
You can add the entire domain or an OU from the domain.
To add endpoints using an AD domain server:
- Go to Endpoints > Manage Domains > Add. The Domain pane displays.
- Configure the following options:
Enter the domain's IP address or hostname.
Enter the port number.
Enter the distinguished name (optional). You must use only capital letters when configuring the DN.
Available when Bind type is set to Regular. Enter the username.
Available when Bind type is set to Regular. Enter the user password.
Available when Bind type is set to Regular. Turn on and off to show or hide the password.
Turn on to enable a secure connection protocol when Bind Type is set to Regular.
Enter the sync schedule between FortiClient EMS and the domain in minutes. The default is ten minutes.
- Click Test to test the domain settings connection.
- If the test is successful, select Save to save the new domain. If not, correct the information as required, then test the settings again.
After importing endpoints from an AD server, you can edit the endpoints. These changes do not sync back to the AD server.
Connecting manually from FortiClient
Endpoint users can manually connect FortiClient Telemetry to FortiClient EMS by specifying the IP address for FortiClient EMS in FortiClient. This process is sometimes called registering FortiClient to FortiClient EMS.
To manually connect to EMS from FortiClient:
- In FortiClient on the endpoint, go to the Fabric Telemetry tab.
- In EMS IP box, enter the EMS IP address, and click Connect. FortiClient connects to FortiClient EMS.
For information about FortiClient, see the FortiClient Administration Guide.
The FortiClient Telemetry gateway port may be appended to the gateway list address on FortiClient and separated by a colon. When the port is not provided, FortiClient attempts to connect to the IP address given using the default port. The default connection port in FortiClient 6.0 and 6.2 is 8013. By default, FortiClient EMS listens for connection on port 8013.
It is considered best practice to add endpoints using an AD domain server. Connecting FortiClient to FortiClient EMS manually is only recommended for troubleshooting purposes.