Configuring Windows and LDAP user accounts
You can configure Windows and LDAP users to have no access or administrator access to FortiClient EMS.
The Windows users list is derived from the host server on which FortiClient EMS is installed. If you want to add more Windows users, you must add them to the host server. The list of LDAP users is derived from those in the AD domain imported into FortiClient EMS using Administration > User Server. If you want to add more LDAP users, they must already exist in the AD domain configured as the user server.
- Go to Administration > Administrators.
- Click the Add button.
- Under User source, select Choose from LDAP/Windows users. Click Next.
- Configure the permissions:
Select the Windows/LDAP user to configure permissions for.
Select the desired admin role for this user. See Admin roles.
Select or add access to a domain for the Windows/LDAP user.
Restrict Login to Trusted Hosts
When this option is enabled, users can only log into this account from a trusted host machine.
In the Trusted Hosts field, enter a trusted host machine's IP address. Use the + button to add multiple trusted host machines.
Enter optional comments/information for the Windows/LDAP user.
- Click Save.
When an admin user from an AD domain logs into EMS, they must provide the domain name as part of their username to log in successfully. For example, if the domain name is "example-domain" and the username is "admin", the user must enter "example-domain/admin" when logging into EMS.